Full-time
Sr. Information Security Architect - AltaMed - Los Angeles, CA

The Senior Information Security Architect by definition is a Technical Manager who serves as the InfoSec Center of Excellence. This person is responsible for Information Security Management which includes researching, evaluating, recommending, and validating complex and broad-based security system designs and information security controls that deliver on accepted information and cyber security best practices, healthcare, privacy and PCI regulatory compliance and the AltaMed Information Security Policy. This individual partners with all areas of the business and information technology organization to drive security requirements, and deliver on security objectives within product development, business process design, IT and business operations development, software development, and their respective life-cycles. Develop and review architecture artifacts and manage adherence to architecture standards.
Responsibilities:
Serves as technology manager and "Information Security Center of Excellence" in network, infrastructure, application, end point, database, operating system and cloud security, helping project teams comply with enterprise and IT security policies, industry regulations and best practices. Assists with interpretation of information security policies, standards, and other requirements as they relate to specific internal and externally hosted IT systems, and assists internal and external technology teams in the implementation of information security requirements. Recommends security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates. Participates in ensuring that IT Security controls meet the requirements of all regulatory and/or contractual requirements; HIPAA, PCI Security Standards, State and Federal Privacy Laws, etc. Assists in the designing and engineering of internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability Serves as an active member of incident response teams and participates in security incident response efforts by having an in-depth knowledge of common security exploits, vulnerabilities and countermeasures. Acts as a technical consultant on information security incident investigations and forensic technical analyses. Ensure all areas of the Information System and Technology environment adhere to established standards of good practice or defined frameworks (NIST, ISO, COBIT, etc.)
Qualifications:
Bachelor’s Degree in Computer Science, Health / Business Administration or Information Technology Minimum of 7 years of progressive experience in information security as an engineer or architect. In lieu of a college degree, 9 years of progressive experience in information security as an engineer or architect. Knowledge and understanding of relevant legal and regulatory requirements (i.e. HIPAA, PCI, Privacy, etc.) is required. At least one security industry certification is required (CISSP, CISM, CISA or SANS). Knowledge of healthcare industry and hospital operations preferred. Appropriate certification in risk management and/or health care compliance desirable.

Expired, click here to search for relevant jobs

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing careersinfosecurity.com, you agree to our use of cookies.