Cybersecurity Architect

Cybersecurity Architect, Fresenius Management Services, Inc., a Fresenius Medical Care N.A. company, Lexington, Massachusetts (Remote)

Responsible for the architecture, design and development of standards, processes, tools, technologies, and security service offerings. Will leverage leading-edge technologies, and innovative approaches to position Fresenius Medical Care for measurable success, improving efficiency, increasing security posture, supporting aggressive growth, and improving the organization's overall cybersecurity posture. Specific duties will include the following:

• Works closely with engineering, operations, and security specialists to ensure adequate security solutions and controls are in place throughout all IT systems and works to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements.
• Assess and understand the organization's current security posture and future architecture requirements, providing recommendations for improvement and risk reduction.
• Ensures implemented solutions support cybersecurity architecture objectives (availability, scalability, performance, security, etc.), as appropriate, and monitors implementation activities to ensure architecture and design principles are upheld.
• Supports the implementation of technical artifacts (frameworks, standards, and repeatable patterns, etc.) that constitute the enterprise information security architecture and solutions and work with infrastructure teams to ensure adoption.
• Serve as a security expert in endpoint security, cloud security, application development, database design, network and/or platform (operating system) efforts, acquisitions and divestitures, helping project teams, complying with enterprise and security policies, industry regulations, and best practices.
• Design security configuration guidelines for information technology devices and systems, as well as mechanisms for assessing compliance within those guidelines.
• Participate in the design and implementation of a comprehensive Zero Trust Architecture framework to ensure the confidentiality, integrity, and availability of our systems and data.
• Contribute to the creation of security policies, access controls, and authentication mechanisms based on Zero Trust principles.
• Evaluate existing network and security infrastructure, identify vulnerabilities, and recommend enhancements to align with Zero Trust principles.

Requirements:

Position requires either (i) a Bachelor's degree (or an equivalent foreign degree) in Computer Science, Information Systems, Information Security or a closely related field and 5 years of experience as a Security Engineer or (ii) a Master's degree (or an equivalent foreign degree) in Computer Science, Information Systems, Information Security or a closely related field and 3 years of experience as a Security Engineer

Must also have 3 years of experience (which can have been gained concurrently with either primary experience requirement above) working with the following:

• Network architecture, security protocols and security technologies;
• Cloud computing platforms (AWS, Azure or Google Cloud) and their associated security services.
• Security frameworks and standards including specifically ISO 27001, NIST, and CIS;

• The OWASP, SANS Top 20 and prevention/remediation techniques and their implementation.
• Deploying, maintaining, supporting and analyzing DAST/SAST scan results; and

• Architecting, configuring and managing security tools including Security information and event management (SIEM) systems, firewalls, IDS/IPS (Intrusion Detection/Prevention Systems), and DLP (Data Loss Prevention) solutions.

This is a telecommuting position working from home. May reside anywhere in the United States. #LI-DNI

EOE, disability/veterans