Director, Information Security (Cloud Architecture, AppSec, Data & Product Security focus)

Director, Information Security (Cloud Architecture, AppSec, Data & Product Security focus)

This candidate will define and execute on the architecture and technical vision of cloud security controls across Omnicell’s hybrid multi-cloud environment.  The cloud security architecture must be compliant with existing enterprise technical security control requirements models, as well as meet HIPAA/HiTrust standards for ePHI. The candidate will operate at the intersection of Business, Customer Driven Design and Technology to deliver cloud security products that improve the security posture of Omnicell’ s hybrid multi-cloud environment. 

The Cloud Security Architect will be responsible for leading highly skilled development teams at the forefront of cloud Cybersecurity engineering at Omnicell. This candidate will be responsible for articulating and translating the overall technical strategy and tactics for cloud security to the enterprise and across multiple business units.

ESSENTIAL RESPONSIBILITIES

• Define and enforce security standards and best practices for Omnicell’s cloud environments, including AWS and Azure.
• Implement and manage cloud security controls, including network security, access control, data encryption, and security monitoring.
• Develop and implement a comprehensive data protection strategy that encompasses data discovery, classification, encryption, access control, and data loss prevention (DLP).
• Develop and maintain a comprehensive set of security policies, standards, and guidelines that align with the industry best practices and regulatory requirements.
• Embed security into the design and development of Omnicell’s products and services, ensuring security is a core consideration from concept to deployment.
• Lead the design and implementation of security coding practices, security testing methodologies (SAST, DAST, IAST), and vulnerability management programs for all applications.
• Champion the adoption of DevSecOps principles and integrate security throughout the SDLC.
• Provide expert guidance on application security architecture, threat modeling, and secure coding best practices.
• Ensure compliance with data privacy regulations, such as HIPAA, GDPR, and CCPA.
• Collaborate with product management and engineering teams to prioritize and remediate security risks.
• Partner with multiple business units and the Omnicell Privacy Officer to assess and reduce security risks
• Provide clear written and verbal consulting to projects about cloud security architecture and cloud risk management.
• Serve as a cyber security subject matter expert for across all supported cloud service providers, assessing the business impact of cyber security risks to the enterprise and identifying options and recommendations for mitigating those risks. 
• Reports to IT Senior and executive Management on technical status of enterprise IT security initiatives.  
• Utilize strong business communication skills, both written and verbal to solve unconventional problems, as well as interface with customers to respond to customer queries on the Omnicell Cloud strategies

 

 

Basic Qualifications:

• Bachelor’s Degree - Information Systems, Computer Science, Information Security, or Engineering. 
• CISA, CCSP and or CISSP
• 10+ years of experience in the security aspects relating to multiple platforms, operating systems, software, communications, and network protocols, or an equivalent combination of education and work experience.
• 3+ years of cloud IaaS/PaaS technology, popular cloud service providers and information security industries, their current developments, trends, issues, and fundamental concepts
• 3+ years demonstrated expertise in analyzing a wide spectrum of enterprise cloud service provider systems and services robustness and needs, and making practical recommendations to address security needs relating to each. 
• 3+ experience with common information security management frameworks

 

PREFERRED EDUCATION

Master’s Degree – Computer Science, Information Security or related field

Experience with HITRUST, ISO 27001, CobiT, ITIL, NIST, FedRAMP.

Since 1992, Omnicell has been committed to transforming pharmacy care through outcomes-centric innovation designed to optimize clinical and business outcomes across all settings of care. We strive to be the healthcare provider’s most trusted partner by our guiding promise of “Outcomes. Defined and Delivered.”    Our comprehensive portfolio of robotics, smart devices, intelligent software, and expert services is helping healthcare facilities worldwide to improve business and clinical outcomes as they move closer to the industry vision of the Autonomous Pharmacy.  Our guiding principles inform everything we do: 

• As Passionate Transformers, we find a better way to innovate relentlessly. 
• Being Mission Driven, we consistently deliver on our promises. 
• Our Entrepreneurial spirit makes the most of EVERY opportunity for innovation. 
• Understanding that Relationships Matter creates synergies that yield the greatest benefits for all.
• Intellectually Curious, eager to think deeper to learn and improve.
• In Doing the Right Thing, we lead by example in ALL we do. 

We are deeply committed to Environmental, Social, and Governance (ESG) initiatives. Our ESG efforts focus on creating an inclusive culture and a healthier world. This includes our Employee Impact Groups, which foster diversity and inclusion, as well as our learning and well-being programs that support personal and professional growth. We also prioritize sustainability in our operations, aiming to reduce our environmental footprint and promote responsible business practices. Join us in transforming the pharmacy care delivery model, making patient care safer and smarter for all.