Security Architect

Cloud, Git, Ruby, Python, Bash, Meraki, Cisco, Risk Management, VRM, Computer Forensics, Security+, SANS, CISSP, O365, gSuite, Azure, IAAS, AWS, Healthcare, HITECH, HIPAA, Network Security
Full Time
$130,000 - $160,000
Work from home available Travel not required

Job Description

We are seeking a seasoned technologist with experience selecting/designing, integrating, installing, and operationalizing security infrastructure. The ideal candidate is passionate about security and uses that drive to help the organization maintain and enhance our security posture and controls. This is a hands-on role that will lead the design and deployment of both process and technical controls to identify misuse of assets, mitigate compromises, ensure appropriate monitoring, respond to client security requests and testing procedures, and to perform security incident handling and troubleshooting.

What you ll do

  • Implement enhancements and close gaps (process and technology) in the existing Information Security Management Program
  • Assist with overall corporate maintenance of compliance with the Health Insurance Portability and Accountability Act (HIPAA & HITECH)
  • Design, document, and lead the execution of security policies, processes, and procedures
  • Lead development of security architectures, requirements, and test procedures
  • Complete internal and third-party/vendor security audits, perform security testing, and demonstrate how Crossover leverages state of the art security tools and techniques to protect and secure highly sensitive health information
  • Test and deploy new security technology; Maintain existing technologies; Use data and reports from systems to identify and remediate gaps in security architecture
  • Conduct research and make recommendations on products, services, protocols, and standards in support of infrastructure and application security

What you ve done

  • 6+ years experience designing and deploying security policies and technical solutions

  • 3+ years experience managing multiple simultaneous technical/security implementation projects
  • 2+ years working in a Security role within a regulated industry (such as Banking, Aerospace, Healthcare, and Defense)

  • Process oriented, with an understanding of how to design and deploy policies and procedures that end users can adopt
  • Acquired a working knowledge of auditing, risk, and threat analysis, contingency planning, and creation / maintenance of security standards
  • Secured highly sensitive data/information while working in a primarily IaaS (such as AWS or Azure) and SaaS (such as gSuite or O365) based infrastructure
  • Used data analysis (system telemetry, management consoles, system reports, log output) to identify risks and steer priorities and goals
  • Clear, consistent communication skills: in writing, in discussion, and in code
  • Exhibits ability to comfortably work in time-critical / high-pressure situations and environments, while providing a great customer experience

  • Kept patient safety and security a top priority in your deliverables
  • Continuously sought and embraced opportunities to build upon your skills and knowledge
  • Ability to work independently, as well as in a team environment

Education and Certifications:

  • Received a Bachelor s degree in Information Technology, Computer Science, related major OR equivalent on the job experience in the Security field
  • Attained security certifications, such as CISSP, SANS, Security +, OSCP, etc.

Required Competencies:

  • Demonstrated competence with the following practices and concepts:
    • Computer Forensics - Understands basic concepts of the full life-cycle of forensic investigation and analysis
    • Configuration Management - knowledge of the principles and methods for control of changes made to information systems components
    • Encryption - Knowledge of procedures, tools, and applications used to keep data or information secure
    • Network Security - Knowledge of methods, tools, and procedures, to protect the organization s system boundaries and to prevent information systems vulnerabilities and restore security of information systems / network services
  • Gained proficiency with the following classes of security tools:
    • Vulnerability Risk Management (VRM)
    • Security information / Event management (SIEM)
    • Intrusion Detection/Prevention System (IDS/IPS) and Firewall tools
    • Endpoint Detection and Response (EDR) / Anti-virus products
    • User Behavior Analytics (UBA)

  • Experience with the following technologies (as it relates to using, deploying, and securing):

    • MacOS (desktop), Linux (server), and Windows (desktop and server)
    • Cisco Meraki network appliances and tools
    • Scripting skills, such as bash, Ruby, Python
    • Distributed source control systems (we use Git)
    • IaaS concepts, such as AWS, Google Cloud, or Azure

Bonus Points for

  • Experience with automation and configuration version control (e.g., Ansible, Puppet, etc.)
  • Experience with Healthcare delivery organizations (Clinics, private practices, specialists, etc.)
  • Familiarity with DevOps and/or Agile methodologies
  • Experience working in Start-ups and/or Scale-ups
Dice Id : 1047482SC
Position Id : 6058767
Have a Job? Post it