Consultant, Cybersecurity Architect

We are so glad you are interested in joining Sutter Health!

Organization:

SHSO-Sutter Health System Office-Valley

Position Overview:

The Cybersecurity Architect Consultant is responsible for designing and advising on comprehensive security architectures that protect the organization's systems, networks, and data. This role involves working with stakeholders to align security strategies with business objectives, evaluating emerging technologies, and providing expert guidance on best practices to address current and evolving cyber threats.

Key Responsibilities:

Security Architecture Design

Develop and implement scalable, secure architectures for on-premises, cloud, and hybrid environments.
Create security frameworks and blueprints that align with organizational policies and compliance requirements.
Ensure security considerations are integrated into system and application design processes.
Risk Assessment & Mitigation

Identify potential security risks and gaps in existing or planned architectures.
Propose mitigation strategies and architectural adjustments to address identified vulnerabilities.
Conduct threat modeling to anticipate and counteract advanced attack scenarios.
Technology Evaluation & Integration

Evaluate and recommend new security technologies, tools, and platforms based on organizational needs.
Oversee the integration of security solutions with existing IT infrastructure.
Ensure new technologies comply with security policies and meet architectural standards.
Collaboration & Advisory

Work closely with stakeholders, including IT, development, and executive teams, to align security with business goals.
Provide technical leadership to project teams and guide security implementation during development cycles.
Collaborate with external partners, vendors, and regulators to ensure alignment with industry standards.
Policy & Compliance Alignment

Ensure architectures comply with regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS) and internal policies.
Develop and maintain security guidelines, standards, and best practices for system and application design.
Support audits and assessments by providing evidence of architectural controls.
Continuous Improvement

Stay informed about emerging threats, industry trends, and advancements in security technology.
Refine security strategies and frameworks based on lessons learned and evolving needs.
Conduct regular reviews and updates of security architectures to ensure long-term resilience.
Documentation & Communication

Develop detailed architecture diagrams, documentation, and reports for technical and non-technical audiences.
Present recommendations and strategies to leadership and stakeholders.
Document processes for implementing and managing architectural components.

Job Description:

EDUCATION
Equivalent experience will be accepted in lieu of the required degree or diploma.

• Bachelor's: Business, Cyber Security, Risk Management, Information Technology, Computer Science or related field or equivalent education/experience

TYPICAL EXPERIENCE:

• 8 years recent relevant experience.

• Experience providing cyber security support by planning, coordinating, integrating and synchronizing cyber defense and prevention activities.

• Experience creating comprehensive and accurate reports that are used to communicate risk profile impact to peers and management.

• Experience ensuring compliance with all applicable state and federal cyber laws and regulations.

SKILLS AND KNOWLEDGE

• Thorough knowledge of information systems security concepts and current information security trends and practices including security processes and methods.

• General knowledge of Federal and State IS security and privacy-related regulatory requirements and laws.

• General knowledge regarding National Institute of Standards and Technology (NIST), Health Insurance Portability and Accountability Act (HIPAA), Federal Information Processing Standards (FIPS), and other recognized industry security standards. and best practices.

• Detailed understanding of end point security technologies (Antivirus, Forensics, Anti-malware, HIPS)

• Detailed understanding of end point operating systems (Windows and Linux)

• In depth knowledge of cyber security solutions, policies and technologies

• Understanding of the lifecycle of a network threat and network vulnerability exploitation in a healthcare environment

• Working understanding of the anatomy of a cyber attack: advanced level of skill using Microsoft windows workstation and server, UNIX/Linux and network Os’s, proven ability to use internet technologies including dns, routing, smtp, http, dhcp, and ftp etc.

• Technical skills in planning, administration, and management of information systems, operational and technical security controls, and security risk analysis and management

• Written/verbal interpersonal communication skills with the ability to interact effectively with a broad and diverse group of peers, users, and executives.

• Proven ability to prioritize work while multi-tasking on assigned work.

• Demonstrated ability to acquire images, either remote or local, to a workstation or server.

• Proven ability to conduct forensics activities in the context of an active attack.

• Technical skills in end point security controls, such as acls, hips, registry, logging, and forensics.

• Ability to perform and conduct incident response and participate in security incident and post incident response process

• Proven ability to break down highly complex technical topics into language and diagrams understandable to a wide audience.

Job Shift:

Days

Schedule:

Full Time

Days of the Week:

Monday - Friday

Weekend Requirements:

As Needed

Benefits:

Yes

Unions:

No

Position Status:

Exempt

Weekly Hours:

40

Employee Status:

Regular

Sutter Health is an equal opportunity employer EOE/M/F/Disability/Veterans.

Pay Range is $68.59 to $109.75 / hour

The salary range for this role may vary above or below the posted range as determined by location. This range has not been adjusted for any specific geographic differential applicable by area where the position may be filled. Compensation takes into account several factors including but not limited to a candidate’s experience, education, skills, licensure and certifications, department equity, training and organizational needs. Base pay is just one piece of the total rewards program offered by Sutter Health. Eligible roles also qualify for a comprehensive benefits package. ​