Information Security Architect

Description

The Information Security Architect will serve as an expert on matters related to enterprise information security design and implementation within the network. This individual will be responsible for determining enterprise security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures and mentoring team members. ESSENTIAL JOB DUTIES AND RESPONSIBILITIES

Provide design and product recommendations for security technologies needed across the enterprise. Ensuring security technologies deliver on stated use cases and business requirements.

Partner closely with the Enterprise Architects, Project Managers, Infrastructure Leaders, and Application Development teams to ensure a consistent approach to securing information and the assets which process and store that information.

Direct strategies around developing software security for web and mobile applications; and mobile hardware and software technologies. Assist in application development/software development/deployment methodologies, for web/mobile based environments.

Work with developers and subject matter experts to establish the technical vision for application architectures and technology (including web applications, mobile technology, and identity and access management).

Write detailed security requirements for deployment of applications and network infrastructure components and participate on focus groups to help define security requirements for new and emerging technologies

Define and implement information security architecture policies, standards, and baselines. Make recommendations regarding security plans, policies, standards and procedures.

Direct key technology initiatives with a focus on planning, development and implementation of security architecture and monitoring directives.

Define new users to various applications based on authorized requests. Assist the Solution Center with security-related problems.

MINIMUM QUALIFICATIONS

• Bachelor's Degree required. Degree in Computer Sciences, Information Technology, or other relevant major with equivalent work experience in such field preferred.
• 5+ years experience with network or systems administration required.
• 5+ years solid understanding of Information Security & IT controls, penetration testing, vulnerability assessments, HIPAA, Joint Commission, NIST and ISO frameworks, and other information security governing bodies.
• 5+ years experience in DBMS security preferred.
• 2+ years experience in healthcare setting preferred.
• Experience in design of Microsoft Active Directory permissions and role-based security models.
• Strong knowledge of Physical and Logical security systems preferred.
• Leadership Experience in IT Support Organization preferred.
• Demonstrated knowledge of generally known information technology platforms, standards, and software development language(s).
• Demonstrate well-developed verbal and written communication and analytical skills.
• Strong interpersonal skills to interact positively and productively with teams across organizational lines, including administrative, executive staff and patient care systems users.
• Must be able to function in a environment subject to impromptu changes in schedules and priorities.
• Certified or willingness to obtain certification within one year of hire in the following area(s): Certified Information Systems Security Professional (CISSP), GIAC Certified Intrusion Analyst (GCIA), GIAC Certified Window Security Administrator (GCWN), GIAC Certified Enterprise Defender (GCED), GIAC Security Essentials Certified (GSEC).