Overview
On Site
Full Time
Skills
Documentation
Business Acumen
FOCUS
Teamwork
Decision-making
Negotiations
Enterprise Architecture
IT Management
Mentorship
Information Systems
Leadership
IaaS
PaaS
Research
Cloud Security
Cyber Security
Risk Management
Security Architecture
Network Security
Security Analysis
Testing
Security Operations
Software Development
Technical Drafting
Information Security
Threat Modeling
Artificial Intelligence
Machine Learning (ML)
Deep Learning
Virtual Machines
High Performance Computing
HPC
Data Analysis
Google Cloud Platform
Google Cloud
Microsoft Azure
Proxies
Identity Management
Web Applications
Firewall
API
Management
Kubernetes
Database
DevSecOps
Continuous Integration
Continuous Delivery
HIPAA
System On A Chip
PCI DSS
PASS
Cisco Certifications
Cloud Computing
CISSP
ISSAP
SCF
SCP
Supply Chain Management
ISACA
Reporting
Collaboration
Network
Taxes
Law
Security Management
Employment Authorization
Job Details
Job Description
The position will support the projects in our Security Modernization program. This will include helping to gather business requirements and create conceptual and logical architecture documentation.
The role of the Cloud Security Architect demands business intellect, technical acuity, and the ability to think, communicate, and write at various levels of abstraction, business acumen, and technical capacity. The Cloud Security Architect is a resource to identify and resolve technology-related information security gaps based on the organization's risk posture with guidance and input from peers. This is accomplished by maintaining a focus on cloud security while retaining enterprise security functions. This individual embraces teamwork, collaboration, and consensus driven decision making and has seasoned negotiation and influencing skills.
The Cloud Security Architect will implement, with guidance from Senior and Principal Cloud Security Architects, the following key functional areas:
Serve as an information security liaison to business leaders, executive sponsors, senior service/product owners, and third parties.
Lead information security efforts by guiding work throughout projects, initiatives, program increments, workshops, design/solution sessions, and consulting work.
Collaborate with senior leaders across engineering, enterprise architecture, OIS, and development practices to solve complex problems and deliver end-to-end solutions.
Lead efforts that relate to creating and updating cloud and enterprise information security policies, standards, guidelines, and best practices.
Advocate for the use of strong security principles and strategies throughout the organization.
Identify, prioritize, and escalate areas of inefficiencies, high risk information security practices, or sub-optimal operational outcomes and consult on strategies to remediate.
Help drive consensus on relevant strategies or initiatives with stakeholders, customers, and business leaders to achieve mutually beneficial outcomes.
Work with a high level of autonomy while keeping the CISO, security leadership, and OIS informed of risks, new work, roadblocks, and organizational developments.
Maintain strong relationships by guiding customers and stakeholders on the applicability of security architecture as it relates to their area of responsibility.
Develop and defend security architectures or strategic security direction to executive leaders, customers, stakeholders, and technical implementation teams.
Identify, help prioritize, and justify work efforts to IT, solution architects, enterprise architects, engineers, and analysts.
Represent management and communicate OIS strategy as the technical lead for projects and cross departmental efforts within research, education, patient care, and with external partners.
Maintain a reputation of positive leadership throughout OIS and act as a mentor and trainer to OIS colleagues.
*This position is a 100% remote work. Individual may live anywhere in the US.
**This vacancy is not eligible for sponsorship / we will not sponsor or transfer visas for this position.
During the selection process, you may participate in an OnDemand (pre-recorded) interview that you can complete at your convenience. During the OnDemand interview, a question will appear on your screen, and you will have time to consider each question before responding. You will have the opportunity to re-record your answer to each question - Mayo Clinic will only see the final recording. The complete interview will be reviewed by a Mayo Clinic staff member and you will be notified of next steps.
Qualifications
An Associate's degree and 10 years of experience related to Information Systems or an accumulated equivalent body of work. Alternatively, a Bachelor's degree and 8 years of similar experience.
6 years of experience in a Cybersecurity focused field OR a Cybersecurity relevant Master's degree and 4 years of experience in a Cybersecurity focused field.
2 years of demonstrated leadership experience.
1 year of experience working as a Cybersecurity practitioner relating to IaaS or PaaS within one of the major public cloud service providers, such as Google Cloud Platform or Azure is strongly preferred.
The Cloud Security Architect is expected to be competent in a complementary mixture of the following skills and abilities:
Take enterprise and cloud initiatives, extract meaningful business requirements, translate them into information security requirements, and demonstrate completeness by incorporating them into the design to fit the needs of the customer and stakeholders.
Advise on and develop cybersecurity strategy, within the enterprise and cloud, to align with operational activities, and communicate broadly across OIS.
Perform threat modeling to provide traceability in enterprise and cloud security designs while incorporating potential business impact.
Research and evaluate modern technologies to stay current on emerging topics.
Guide efforts as it relates to enterprise and cloud security risk functions such as risk remediation, quantification, acceptance, reduction, and transference.
Possess deep discipline expertise within at least one of the major Cybersecurity domains while maintaining broad cross-discipline expertise: Risk Management, Asset Security, Security Architecture & Engineering, Communications & Network Security, Identity and Access Management, Security Assessment & Testing, Security Operations, and Software Development Security.
Maintain the ability to speak to and comprehend, at an expert level, all applicable security principles, frameworks, policies, standards, and theory.
Ability to design Enterprise, Cloud, Multi-cloud, and Hybrid-cloud architectures to deliver associated artifacts in the form of conceptual and logical architectures as well as technical design documents.
Redesign information security components of legacy on-premises environments as they transition into the cloud.
Competencies in threat modeling, designing, and solutioning enterprise & cloud architectures around Artificial Intelligence (AI), Machine Learning (ML), Deep Learning Virtual Machines (DLVM), High Performance Computing (HPC), High Performance Data Analysis (HPDA), Data Lakes (DL), and supporting infrastructure.
Experience leading, collaborating, and contributing to deliver secure outcomes with at least one major public cloud service provider, preferably Google Cloud Platform or Azure.
Experience designing with security-focused cloud native services such as: VPCs Service Controls, Identity Aware/Contextual Proxies, Cloud Identity & Access Management, Web Application Firewalls, API Gateways, Secrets/Key Management, and other applicable applications or services.
Experience designing secure environments for cloud native services such as: Compute, Kubernetes, Container Registries, Databases, Pub/Sub, Infrastructure as Code, DevSecOps, CI/CD Pipelines, Cloud Consoles, Serverless Computing, and other applicable applications or services.
Able to incorporate applicable HIPAA, HITRUST, SOC2, NIST, GDPR, and PCI-DSS requirements into enterprise and cloud architectures.
Licensure or Certification:
Must have one of the following certifications (or equivalent) at time of hire or the candidate must pass the exam within two years and complete the certification process once years of service requirements of the certifying body have been met.
CISSP
HCISPP
CDPSE
CCSP
Google - Professional Cloud Architect (GPCA)
CISSP-ISSAP
SABSA (SCF, SCP, and/or SCM)
CRISC
About Us
Why Mayo Clinic
Mayo Clinic is top-ranked in more specialties than any other care provider according to U.S. News & World Report. As we work together to put the needs of the patient first, we are also dedicated to our employees, investing in competitive compensation and comprehensive benefit plans - to take care of you and your family, now and in the future. And with continuing education and advancement opportunities at every turn, you can build a long, successful career with Mayo Clinic.
Benefits Highlights
About the Team
Just as our reputation has spread beyond our Minnesota roots, so have our locations. Today, our employees are located at our three major campuses in Phoenix/Scottsdale, Arizona, Jacksonville, Florida, Rochester, Minnesota, and at Mayo Clinic Health System campuses throughout Midwestern communities, and at our international locations. Each Mayo Clinic location is a special place where our employees thrive in both their work and personal lives. Learn more about what each unique Mayo Clinic campus has to offer, and where your best fit is.
Equal Opportunity
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, protected veteran status or disability status. Learn more about the "EOE is the Law". Mayo Clinic participates in E-Verify and may provide the Social Security Administration and, if necessary, the Department of Homeland Security with information from each new employee's Form I-9 to confirm work authorization.
The position will support the projects in our Security Modernization program. This will include helping to gather business requirements and create conceptual and logical architecture documentation.
The role of the Cloud Security Architect demands business intellect, technical acuity, and the ability to think, communicate, and write at various levels of abstraction, business acumen, and technical capacity. The Cloud Security Architect is a resource to identify and resolve technology-related information security gaps based on the organization's risk posture with guidance and input from peers. This is accomplished by maintaining a focus on cloud security while retaining enterprise security functions. This individual embraces teamwork, collaboration, and consensus driven decision making and has seasoned negotiation and influencing skills.
The Cloud Security Architect will implement, with guidance from Senior and Principal Cloud Security Architects, the following key functional areas:
Serve as an information security liaison to business leaders, executive sponsors, senior service/product owners, and third parties.
Lead information security efforts by guiding work throughout projects, initiatives, program increments, workshops, design/solution sessions, and consulting work.
Collaborate with senior leaders across engineering, enterprise architecture, OIS, and development practices to solve complex problems and deliver end-to-end solutions.
Lead efforts that relate to creating and updating cloud and enterprise information security policies, standards, guidelines, and best practices.
Advocate for the use of strong security principles and strategies throughout the organization.
Identify, prioritize, and escalate areas of inefficiencies, high risk information security practices, or sub-optimal operational outcomes and consult on strategies to remediate.
Help drive consensus on relevant strategies or initiatives with stakeholders, customers, and business leaders to achieve mutually beneficial outcomes.
Work with a high level of autonomy while keeping the CISO, security leadership, and OIS informed of risks, new work, roadblocks, and organizational developments.
Maintain strong relationships by guiding customers and stakeholders on the applicability of security architecture as it relates to their area of responsibility.
Develop and defend security architectures or strategic security direction to executive leaders, customers, stakeholders, and technical implementation teams.
Identify, help prioritize, and justify work efforts to IT, solution architects, enterprise architects, engineers, and analysts.
Represent management and communicate OIS strategy as the technical lead for projects and cross departmental efforts within research, education, patient care, and with external partners.
Maintain a reputation of positive leadership throughout OIS and act as a mentor and trainer to OIS colleagues.
*This position is a 100% remote work. Individual may live anywhere in the US.
**This vacancy is not eligible for sponsorship / we will not sponsor or transfer visas for this position.
During the selection process, you may participate in an OnDemand (pre-recorded) interview that you can complete at your convenience. During the OnDemand interview, a question will appear on your screen, and you will have time to consider each question before responding. You will have the opportunity to re-record your answer to each question - Mayo Clinic will only see the final recording. The complete interview will be reviewed by a Mayo Clinic staff member and you will be notified of next steps.
Qualifications
An Associate's degree and 10 years of experience related to Information Systems or an accumulated equivalent body of work. Alternatively, a Bachelor's degree and 8 years of similar experience.
6 years of experience in a Cybersecurity focused field OR a Cybersecurity relevant Master's degree and 4 years of experience in a Cybersecurity focused field.
2 years of demonstrated leadership experience.
1 year of experience working as a Cybersecurity practitioner relating to IaaS or PaaS within one of the major public cloud service providers, such as Google Cloud Platform or Azure is strongly preferred.
The Cloud Security Architect is expected to be competent in a complementary mixture of the following skills and abilities:
Take enterprise and cloud initiatives, extract meaningful business requirements, translate them into information security requirements, and demonstrate completeness by incorporating them into the design to fit the needs of the customer and stakeholders.
Advise on and develop cybersecurity strategy, within the enterprise and cloud, to align with operational activities, and communicate broadly across OIS.
Perform threat modeling to provide traceability in enterprise and cloud security designs while incorporating potential business impact.
Research and evaluate modern technologies to stay current on emerging topics.
Guide efforts as it relates to enterprise and cloud security risk functions such as risk remediation, quantification, acceptance, reduction, and transference.
Possess deep discipline expertise within at least one of the major Cybersecurity domains while maintaining broad cross-discipline expertise: Risk Management, Asset Security, Security Architecture & Engineering, Communications & Network Security, Identity and Access Management, Security Assessment & Testing, Security Operations, and Software Development Security.
Maintain the ability to speak to and comprehend, at an expert level, all applicable security principles, frameworks, policies, standards, and theory.
Ability to design Enterprise, Cloud, Multi-cloud, and Hybrid-cloud architectures to deliver associated artifacts in the form of conceptual and logical architectures as well as technical design documents.
Redesign information security components of legacy on-premises environments as they transition into the cloud.
Competencies in threat modeling, designing, and solutioning enterprise & cloud architectures around Artificial Intelligence (AI), Machine Learning (ML), Deep Learning Virtual Machines (DLVM), High Performance Computing (HPC), High Performance Data Analysis (HPDA), Data Lakes (DL), and supporting infrastructure.
Experience leading, collaborating, and contributing to deliver secure outcomes with at least one major public cloud service provider, preferably Google Cloud Platform or Azure.
Experience designing with security-focused cloud native services such as: VPCs Service Controls, Identity Aware/Contextual Proxies, Cloud Identity & Access Management, Web Application Firewalls, API Gateways, Secrets/Key Management, and other applicable applications or services.
Experience designing secure environments for cloud native services such as: Compute, Kubernetes, Container Registries, Databases, Pub/Sub, Infrastructure as Code, DevSecOps, CI/CD Pipelines, Cloud Consoles, Serverless Computing, and other applicable applications or services.
Able to incorporate applicable HIPAA, HITRUST, SOC2, NIST, GDPR, and PCI-DSS requirements into enterprise and cloud architectures.
Licensure or Certification:
Must have one of the following certifications (or equivalent) at time of hire or the candidate must pass the exam within two years and complete the certification process once years of service requirements of the certifying body have been met.
CISSP
HCISPP
CDPSE
CCSP
Google - Professional Cloud Architect (GPCA)
CISSP-ISSAP
SABSA (SCF, SCP, and/or SCM)
CRISC
About Us
Why Mayo Clinic
Mayo Clinic is top-ranked in more specialties than any other care provider according to U.S. News & World Report. As we work together to put the needs of the patient first, we are also dedicated to our employees, investing in competitive compensation and comprehensive benefit plans - to take care of you and your family, now and in the future. And with continuing education and advancement opportunities at every turn, you can build a long, successful career with Mayo Clinic.
Benefits Highlights
- Medical: Multiple plan options.
- Dental: Delta Dental or reimbursement account for flexible coverage.
- Vision: Affordable plan with national network.
- Pre-Tax Savings: HSA and FSAs for eligible expenses.
- Retirement: Competitive retirement package to secure your future.
About the Team
Just as our reputation has spread beyond our Minnesota roots, so have our locations. Today, our employees are located at our three major campuses in Phoenix/Scottsdale, Arizona, Jacksonville, Florida, Rochester, Minnesota, and at Mayo Clinic Health System campuses throughout Midwestern communities, and at our international locations. Each Mayo Clinic location is a special place where our employees thrive in both their work and personal lives. Learn more about what each unique Mayo Clinic campus has to offer, and where your best fit is.
Equal Opportunity
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, protected veteran status or disability status. Learn more about the "EOE is the Law". Mayo Clinic participates in E-Verify and may provide the Social Security Administration and, if necessary, the Department of Homeland Security with information from each new employee's Form I-9 to confirm work authorization.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.