IT Security Architect (GRC)
Location: Milwaukee, WISEND RESUME
Major medical/health care organization in the Milwaukee area is investing in an expansion of their IT security organization. This IT Security Architect is a senior member of the security team and will play a direct role in forming and implementing a new cybersecurity strategy for this organization.
As a senior member of Information Security team the enterprise security architect plays an integral role in defining and assessing the organization’s security strategy, architecture and practices. The enterprise security architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services, evaluate and incorporate emerging technologies and evaluate changes to the threat landscapes. Interacts with senior leaders across the enterprise and acts as a trusted senior advisor.
- Develop and maintain a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
- Develop security strategy plans and roadmaps based on sound enterprise architecture practices.
- Develop and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.
- Track developments and changes in the digital business and threat environments to ensure that they’re adequately addressed in security strategy plans and architecture artifacts
- Participate in application and infrastructure projects to provide security-planning advice
- Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CISO
- Determine baseline security configuration standards for operating systems (e.g., OS hardening), network segmentation, and identity and access management (IAM)
- Develop standards and practices for data encryption and tokenization in the organization, based on the organization’s data classification criteria
- Conduct or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or application
- Ensure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool
- Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, as well as counterparts within the network operations center (NOC)
- Coordinate with the compliance office to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommend controls to ensure that this data is adequately secured (e.g., encryption and tokenization)
- Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable
- Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems
- Review network segmentation to ensure least privilege for network access
- Liaise with the vendor management (VM) team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property (IP), as well as regulated or other protected data:
- Software as a service (SaaS) providers
- Cloud/infrastructure as a service (IaaS) providers
- Managed service providers (MSPs)
- Evaluate the statements of work (SOWs) for these providers to ensure that adequate security protections are in place. Assess the providers’ SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required “user controls” and report any findings to the CISO and vendor management teams
- Liaise with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls
- Support the testing and validation of internal security controls, as directed by the CISO or the internal audit team
- Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics
- Coordinate with operational and facility management teams to assess the security of operational technology (OT) and Medical Devices and systems
- Liaise with other security architects and security practitioners to share best practices and insights
- Liaise with the business continuity management (BCM) team to validate security practices for BCM testing and operations when a failover occurs
Required Skills and Experience:
- Bachelors in Computer Science plus at least ten years’ experience is required plus the following experience:
- Direct, hands-on experience or strong working knowledge of managing security infrastructure — e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
- Strong working knowledge of vulnerability management practices and tools
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
- Direct experience designing IAM technologies and services such as AD, LDAP, and/or AWS IAM
- Strong working knowledge of IT service management – ITIL related services – Change management, Configuration management, Asset management, Incident management, Problem management, etc…
- Experience designing and securing applications and infrastructures in cloud environments such as AWS and/or Azure
- In-depth knowledge of cybersecurity frameworks including but not limited to NIST CF, HITRUST CSF, ISO 27001.
- Strong knowledge of laws and regulations including but not limited to PCI-DSS, HIPAA-HITECH.
- Experience in using architecture methodologies such as SABSA, Zachman, or TOGAF
- Strong oral and presentation skills.