Cybersecurity Architect

USRC's greatest strength in being a leader in the dialysis industry is our ability to recognize and celebrate the differences in our diverse workforce. We strongly believe in recruiting top talent and creating a diverse and inclusive work climate and culture at all levels of our organization.

SUMMARY

The Cybersecurity Architect plays an integral role in implementing the organization's security strategy, architecture, and practices by effectively translating security objectives and risk management strategies into specific security processes enabled by security technologies and services.

Essential Duties and Responsibilities include the following. Other duties and tasks may be assigned.

• Provides the necessary leadership and performs analysis / design tasks to support the implementation and optimization of security solutions.
• Has overall responsibility to ensure that solutions meet business needs and align with architectural governance and security standards.
• Advocates security requirements and objectives with stakeholders across network, infrastructure, app dev and operations domains, while also ensuring that security architecture and practices do not infringe on the needs of the business.
• Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology, and threat drivers
• Develops and maintains security architecture artifacts (models, templates, standards, and procedures) that can be used to leverage security capabilities in projects and operations
• Drafts security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the chief information security officer (CISO)
• Conducts or facilitates threat modeling of services and applications that tie to the risk and data associated with the service or application
• Coordinates with the DevOps teams to advocate secure coding practices and escalate concerns related to poor coding practices to the CISO or the individual responsible for the overall security direction
• Coordinates with the privacy officer to document data flows of sensitive information within the organization (e.g., PII or ePHI) and recommends controls to ensure this data is adequately secured (e.g., encryption, tokenization, etc.)
• Defines the principles, guidelines, standards, and solution patterns to ensure solution decisions are aligned with the enterprise's future-state security architecture vision.
• Facilitates the evaluation and selection of cybersecurity product standards and services.
• Identifies the organizational impact (for example, on skills, processes, structures, or culture) and financial impact of the security architecture.
• Liaisons with the vendor management team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property, PII, ePHI, regulated or other protected data, including:
• Liaisons with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls.
• Actively promotes GUEST customer service standards; develops effective relationships at all levels of the organization.
• Participates in team concepts and promote a team effort; performs duties in accordance with company policies and procedures.
• Regular and reliable attendance is required for the job.

Qualifications/Requirements:

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.

Requirements include:

• Bachelor's or Master's degree in computer science, information systems, engineering, cybersecurity or a related field.
• Seven (7) plus years of experience designing and implementing cybersecurity solutions in two or more domains, including server/storage infrastructure, networks, application development and data.
• Exposure to multiple, diverse technologies, platforms, and processing environments.
• Experience in using architecture methodologies such as SABSA, Zachman and TOGAF
• Direct, hands-on experience managing security infrastructure such as firewalls, IPSs, WAFs, endpoint protection, SIEM and log management technology
• Experience reviewing application code for security vulnerabilities
• Direct, hands-on experience using vulnerability management tools
• Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services
• Full-stack knowledge of IT infrastructure:
  • Applications
  • Databases
  • Operating systems (Windows, UNIX and Linux)
  • Hypervisors
  • IP networks (WAN, LAN)
  • Storage networks (Fibre Channel, iSCSI and NAS)
  • Backup networks and media
• Strong working knowledge of IT service management (e.g., ITIL-related disciplines):
  • Change management
  • Configuration management
  • Asset management
  • Incident management
  • Problem management
• Experience designing the deployment of applications and infrastructure into public cloud services (e.g., AWS or Microsoft Azure)
• Practical knowledge of widely used standards, regulations and cybersecurity frameworks such as NIST, ISO 27001 / 27002, SOC2, HIPA, FISMA, etc. and key security controls.