At MemorialCare Health System, we believe in providing extraordinary healthcare to our communities and an exceptional working environment for our employees. MemorialCare stands for excellence in Healthcare. Across our family of medical centers and physician groups, we support each one of our bright, talented employees in reaching the highest levels of professional development, contribution, collaboration and accountability. Whatever your role and whatever expertise you bring, we are dedicated to helping you achieve your full potential in an environment of respect, innovation and teamwork.
The Systems Security Architect is responsible for designing a security system or major components of a security system. This individual will use network security technologies, frameworks (NIST, ISO, HIPPA) and solutions to design information security architectures throughout the enterprise, and use application frameworks, security concepts, and strategies that align with network and security industry best practices, in addition to supporting mission and values of MemorialCare. The Systems Security Architect is responsible for helping to define guidelines, best practices, writing policies/standards and driving adoption of new information security architectural designs. They will deliver cloud architectural guidance and conduct regular security consultancies for the business. The individual must regularly collaborate with the Enterprise Technology department and wider business operations to address information security and compliance challenges, promote security awareness, and engage in a wide variety of information security-related projects and initiatives. As projects arise, the Systems Security Architect may lead team efforts, working to design and build new security systems or optimize components of existing security systems.
In addition to the above description, the following duties are required:
* Leads the development and execution of security architecture and engineering, supporting enterprise initiatives. Drives efforts to validate that strategic direction is in alignment with business operations strategy.
* Conducts business level security architecture assessments to evaluate existing security program(s) and cloud application architecture. Identifies weaknesses and makes appropriate recommendations.
* Produces security metrics reporting the state of application security programs and performance against emerging threats.
* Collaborates with key stakeholders and team members, to assess current application security environments with regulatory and industry requirements. Informs areas of noncompliance/gaps to be remediated for all application security requirements, including; PCI-DSS, GDPR and other state regulations/industry standards.
* Stays current with security technologies such as cloud platform security, dev-ops security, identity and access products, endpoint security products, network security technology and mobile security technologies. Evaluates and makes recommendations based on business value.
* Functions as an application security spokesperson translating security concepts into language that is meaningful to varying audiences, including business and technical leaders. Integrates new and existing security tools, standards, and processes into the development life cycle, including static analysis and runtime testing tools.
* Designs, evaluates, and documents remediation processes and leads teams in accomplishing process reviews and improvements.
* Defines, implements, and maintains corporate security policies.
* Manages and improves Information Technology Infrastructure Library (ITIL)-based processes used to support security solutions: Incident Management, Requests Fulfilment, Change Management, and Problem Management.
* Assumes technical ownership of critical areas of MemorialCare’s operational security including privileged access management, asset & vulnerability management, intrusion detection & prevention, and security analytics & visibility.
Minimum Requirements/ Work Experience
* Minimum of 9 years of progressive experience in Information Technology and/or Security Healthcare IT experience preferred.
* Bachelor's degree in Computer Science, Information Systems or Business required.
* Demonstrated strong understanding of information security across all security domains and the relationship between threats, vulnerabilities, and information value in the context of risk management.
* Proven understanding of security for structured databases and unstructured data, such as access controls, encryption, and monitoring.
* Must collaborate with colleagues at all levels and deliver results in a timely fashion with minimal direction.
* Proven working knowledge of technology used in modern data center environments, such as virtualization, containerization, cloud, high availability and disaster recovery.
* Established understanding of Software Development Lifecycle (SDLC) and Infrastructure Development Lifecycle (IDLC) processes.
* Proven ability to work with compliance frameworks and requirements such as PCI, HIPAA, GDPR, and SOX.
Internal Number: MEM003578
About MemorialCare Health System
Let us introduce ourselves. We're MemorialCare, a nonprofit health system that includes four hospitals, two medical groups, imaging centers, surgical centers and much more. As one of the leading health systems in Orange County and Los Angeles County, we're confident that no matter what your needs are, we have the teams, tools and know-how to support you every step of the way.
BACK TO TOP
American College of Preventive Medicine
455 Massachusetts Avenue NW, Suite 200
Washington, DC 20001