IT Security Architect

Work Shift:

Capital Health is the region's leader in providing progressive, quality patient care with significant investments in our exceptional physicians, nurses and staff, as well as advance technology. Capital Health is a five-time Magnet-Recognized health system for nursing excellence and is comprised of 2 hospitals. Capital Health Medical Group is made up of more than 250 physicians and other providers who offer primary and specialty care, as well as hospital-based services, to patients throughout the region.

Position Overview:

SUMMARY (BASIC PURPOSE OF THE JOB)

The Information Security Architect develops security standards and processes for existing and modern technologies (such as Cloud, AI), and selects new security solutions for the organization.  The Architect develops security policies, validates the effectiveness of the security program, reviews risk assessment results, reviews security education program designs, and enforces remediation progress of enterprise information security risks. Additionally, the Architect works closely with GRC Manager and Engineering and Operations Manager to design and implement the security strategy and roadmap. This is a senior position and requires tactical management of the security GRC processes, frameworks, and tools working with a team of security professionals. The position also requires an in-depth knowledge of the regulations (e.g., HIPAA, HITECH, PCI DSS) and best security practices (e.g., NIST CSF, ISO) applicable to the healthcare industry.

MINIMUM REQUIREMENTS

Education:           Bachelor's degree in a relevant field, or equivalent experience. Master's degree preferred.

Experience:         8+ years of experience in information security including security policy development, setting security standards, selecting modern technologies and selecting new security solutions.  

Other Credentials:           

Knowledge and Skills:     Relevant certifications such as CompTIA Security+, Network+ required. ISACA CISM, CRISC, CISA and ISC2 CISSP, ISSAP preferred. Knowledge of desktop support, networking and security technologies. Experience with desktops, servers, storage, virtualization, networking and security technologies. Working knowledge of IAM, PAM and other security solutions.

Special Training:                Network+, Security+, CySA+, CEH or other advanced IT security certifications. Experience with security tools and technologies including SIEM, MFA, EDR, XDR, NDR, IPS, IDS solutions.

Mental, Behavioral and Emotional Abilities:           Possesses ability to work independently under minimal supervision. Managerial skills preferred.

Usual Work Day:               Exempt Hours 

REPORTING RELATIONSHIPS

Does this position formally supervise employees? Yes

If set to YES, then this position has the authority (delegated) to hire, terminate, discipline, promote or effectively recommend such to manager.

ESSENTIAL FUNCTIONS

Defines and evolves the organization's security architecture, ensuring alignment with industry best practices and standards.

Develops and maintains comprehensive security policies, standards, procedure, and guidelines.

Possesses in-depth knowledge of security technologies, including endpoint detection, firewalls, intrusion prevention systems, and related tools.

Possesses knowledge of network design and operation, server design and operation, cloud infrastructure, and related technologies.

Evaluates, selects, and implements security solutions that enhance the organization's security posture.

Leads a team of security analysts, engineers, and administrators, fostering a culture of innovation, collaboration, and excellence.

Provides mentorship, training, and professional development opportunities for team members.

Works closely with IT Security Directors to align security engineering efforts with overall security strategy and objectives.

Collaborates with cross-functional teams to integrate security measures into the organization's technology landscape.

Stays informed about industry trends, emerging threats, and security technologies.

Drives continuous improvement initiatives to enhance the organization's security posture.

Provides leadership during security incidents, collaborating with the Incident Response team to ensure effective and timely resolution.

Creates and maintains comprehensive documentation of security architectures, processes, and procedures.

Prepares and delivers regular reports to IT Security Director on the team's activities, accomplishments, and ongoing initiatives.

Performs other duties as assigned.

Offers are contingent upon successful completion of our onboarding process and pre-employment physical.  Capital Health will require all applicants (including contractors, travelers and consultants) to have an annual flu vaccine prior to start date, with the exception of individuals with medical and religious exemptions.

"Company will never ask candidates for social security numbers or date of birth during application phase. If you are asked for this information online, you may be a target for identity theft."