Job Title: IS Security Architect
Job Location: Madison, Wisconsin (Remote)
Job Duration: Full-Time
Job Summary:
· The IS Security Architect is a technical leader with advanced competencies in Information Systems and cyber security, responsible for planning, designing, testing, implementing, and maintaining our client's IT & Network security infrastructure. The role requires thorough knowledge of client's business and a comprehensive understanding of the technology it uses to conduct operations, delivering exceptional healthcare. This position will be working with front and backend teams to execute the development of new products and continued maintenance.
· We are looking for someone with a solid software engineering background, strong knowledge of AWS, Node.js, JavaScript, and work with React.js.
Responsibilities:
· Partners with Information Security Director and Managers to develop an execution plan to accomplish operational and strategic goals.
· Regularly review existing network design, ingress/egress points, cloud connectivity, and DMZ. Identifies, recommends, and plans improvements. Evaluates, test, and recommends information systems (IS) and cyber security systems.
· Assesses cyber security tools, identifies gaps/overlaps, recommends and drives implementation of improvements/modifications.
· Serves as a consultant, technical leader, and escalation point within IS for information security-related issues.
· Researches and identifies trends and best practices in the industry and provides guidance and recommendations to grow, transform and improve security functions.
· Aligns organizational security strategy and infrastructure with overall business and technology strategy.
· Identifies and communicates current and emerging security threats.
· Designs security architecture elements to mitigate threats as they emerge.
· Plans, research, and design robust security architectures for mid-size and large-scale IT projects.
· Creates solutions that balance business requirements with information and cybersecurity requirements.
· Identifies security design gaps in existing and proposed architectures and recommends changes or enhancements.
· Regularly communicate vital information, security needs, and priorities to upper management.
Job Requirements:
· Bachelor’s Degree in Healthcare, Information Technology, Business, or related field (relevant work experience may be considered in lieu of degree)
· Demonstrated success utilizing emerging technologies to design and implement security solutions; monitoring and improving those solutions while working in consultation with the information security team.
· Demonstrated success in consulting and engineering in the design and development of security best practices; implementation of security measures to meet business goals, customer needs, and regulatory requirements.
· Demonstrated success leading security considerations of cloud computing, including data breaches, hacking, account hijacking, malicious insiders, third parties, authentication, APTs, data loss, and DoS attacks.
· Demonstrated success leading identity and access management; tracking and creating/enforcing policies that govern access to sensitive technology resources and information assets.
· Security certification: Certified Information System Security Professional (CISSP),
· Certified Information Systems Manager (CISM), Certified in Healthcare Privacy and
· Security (CHPS), or HealthCare Information Security and Privacy Practitioner (HCISPP).
Required Skills, Knowledge, and Abilities:
Advanced competency in the following areas:
· Leadership including leads with integrity, maintaining strategic orientation, demonstrating business & financial acumen, championing innovation, managing execution, leading & develops people
· Technical leadership of applicable products or platforms
· Leading highly empowered, self-directed teams including cross-functional teams
· Communication
· Effective team member
· Critical thinking
· Applying lean management tools
· Applying agile methodologies
· Mentoring and teaching
Advanced competency in the following:
· Network Elements:
o Network Nodes: routers/switches/gateways/etc.
o Network communication protocols: TCP/IP, DNS, HTTPS, etc.
o Network topologies: point-to-point, mesh, hub-and-spoke, etc.
· Security Elements:
o Cybersecurity devices: firewalls, IDs/IPS, etc.
o Cybersecurity software: anti-virus, anti-malware, anti-spam, etc.
o Encryption techniques: end-to-end, zero-knowledge privacy, blockchain, etc.
o Certificate-based security and encryption
o Security methods, tools, and systems including, but not limited to: threat hunting, cloud security (CASB), SIEM, MDR/EDR/XDR
· Expertise in vulnerability management platforms like Qualys, Tenable Nessus, Rapid 7 Nexpose and associated remediation strategies
· Solid understanding of programming languages like HTML, PHP, JavaScript, SQL, PERL, Python, C++, etc.
· Deep understanding of operating system internals in both Windows and Linux
· Expertise with Active Directory, especially identification of vulnerabilities and remediation options
· Strong background in:
o Identity and Access Management (IAM)
o Multi-factor Authentication (MFA)
o Privileged Access Management (PAM)
o Device management
o Incident detection and response
· Mastery of NIST 800 series security requirements, cyber-security framework
· Mastery of NIST Cloud Computing Security Reference Architecture
· Ability to think like a hacker (inquisitive) and an executive (disciplined/strategic)
· Ability to use threat modeling to simulate adversarial operations and build appropriate defenses
· Ability to independently evaluate and analyze IS clinical and business systems and develop specifications to create or enhance information security functions
· Exceptional analytical skill, innovation, and creativity to formulate and implement the mechanisms necessary to identify and solve problems
· Demonstrated success in project management methodologies and strategies; ability to problem solve and lead complex projects involving multiple teams, stakeholders, and resources
· Ability to gather requirements, provide analysis, and measure outcomes
· Exposure to queries, scripting, and other programming languages
· Ability to make judgments in demanding situations
· Ability to react to frequent changes in duties and volume of work and to manage multiple concurrent activities
· Ability to logically organize details
· Effective communication skills (written and oral communications skills, especially active listening and writing)
· Effective interpersonal skills, including the ability to promote teamwork, lead by example, and ensure a high degree of internal and external customer satisfaction
· Ability to clearly communicate technical and/or complex concepts or topics to a lay person
· Ability to work independently and self-motivate in pursuit of broad objectives
· Ability to acquire and assimilate new knowledge and skills quickly
· Ability to provide appropriate and constructive feedback to other analysts and peers