Enterprise Security Architect

Nevada System of Higher Education•Skokie, IL

3d•Hybrid

About The Position

The Enterprise Security Architect will collaborate with IT Security, Enterprise Architecture, and technical and application engineering teams, as well as various clinical and non-clinical stakeholders, in the secure design and architecture of new and existing technologies supporting the Endeavor Health mission and vision. The incumbent will participate in aligning clinical and business objectives with IT and IT Security initiatives leading to more efficient, effective, and secure operations. The Enterprise Security Architect will participate in conversations to help drive strategic decisions with respect to organizational security investment and risk reduction goals. They will also help secure appropriate technical capabilities, services, and applications based on their deep understanding of clinical and business objectives, cost efficiency, and risk management principles. The Enterprise Security Architect also evaluates existing IT systems, services, and applications for efficiencies, performance, security, risk, and cost improvements. The Enterprise Security Architect will provide technical expertise in his or her respective domains (3 or greater) collaborating with security and technical engineers and architects, application teams, and clinical and non-clinical business units to develop the enterprise architecture strategy. This individual will work with the CISO and Deputy CISO on the effective management and delivery of complex security architecture and solutions, maintaining focus on quality, risk, and cost management, while navigating operational and organizational dynamics. The incumbent will remain updated on the latest security threats, practices, solutions, and technologies and advocate for the adoption of cybersecurity and healthcare industry best practices.

Requirements

Bachelor’s Degree, or equivalent, in a technical, engineering, or investigative academic discipline, or an equivalent work history and educational background supported by expert-level security certifications relevant to the role.
Two or more expert-level security platform or capability certifications (preferred - see below)
Nine (9) years in a dedicated, advanced or expert-level IT security engineering role with demonstrated, consistent performance leading security initiatives and developing use cases.
Minimum of four (4) years in security architect roles
Minimum of two (2) years in security project delivery roles, including experience with contracting, architecture, design, and implementation.
Previous experience developing and contributing to a comprehensive, enterprise cybersecurity strategy.
Demonstrated experience instructing, mentoring, or developing junior team members.
Industry preferred certifications including but not limited to; CISSP, CRISC, TOGAF, CCSP, SABSA, Microsoft SC-100, AWS (Solutions Architecture or Security).
Expertise in security frameworks and regulations such as HIPAA, ITIL, NIST, PCI, SDLC, and Project Management principles.
Excellent verbal and written skills essential for providing positive customer service and good communication with various business leaders and front-line staff.
Experience with aligning business objectives to IT and IT Security initiatives and delivering security architecture solutions to support an enterprise mission, vision, and strategy.
Has a comprehensive understanding of all aspects of cybersecurity within a healthcare or critical infrastructure environment, including advanced threat landscapes and regulatory compliance.
Expert at securing IT platforms according to recognized security and risk management frameworks.
Demonstrates analytical and critical thinking for problem solving and issue resolution.
A lean towards curiosity, out-of-the-box thinking, and innovative.
Ability to manage multiple projects simultaneously.
Personal and ethical accountability.
A team player attitude.
A valid driver’s license is required if the incumbent is selected to perform related duties at an off-site location. If the incumbent uses his or her personal vehicle, the incumbent must maintain automobile liability coverage as required by law and evidence of such coverage may be requested.

Nice To Haves

Previous healthcare experience.

Responsibilities

Develops complex enterprise security architecture strategies to drive value for the organization while adhering to quality, growth, and risk management directives for the enterprise.
Provides insight into a security function or specialty through analysis and knowledge of leading practices to solve complex problems, driving thought leadership and innovation.
Develops proposals, responds to business requirements, and provides subject matter expertise.
Serves as a communication and collaboration bridge between various departments and external partners leading to better project outcomes and a more cohesive and secure work environment.
Aligns security architecture and security engineering with the organization's business objectives, IT strategies, and Cybersecurity goals.
Reduces costs and improves resource allocation by optimizing the IT and IT Security infrastructure while eliminating redundancies.
Identifies, secures, and integrates new technologies to drive business growth and enable the organization to respond quickly to emerging threats, new technologies, and market changes.
Contributes to the development of IT and security roadmaps, driving the future state of security and technology for the enterprise, in alignment with IT Security, Enterprise Architecture, and technical and application engineering teams, as well as various clinical and non-clinical stakeholders.
Aligns cybersecurity posture with business strategies and objectives.
Explains emergent security technology trends, cyber threats, and threat actor techniques and procedures in terms appropriate for operational partners and business leaders.
Stays current with IT and cybersecurity platform technologies, architectures, leading practices and methodologies.
Participates in On-Call rotation and performs other duties as assigned.