Consultant Enterprise Security ArchitectLouisville, Kentucky
The Kindred Consultant Enterprise Security Architect is a senior member of the security team and is responsible for ensuring the ongoing alignment of information security program objectives with Kindred Healthcare business objectives. With minimal oversight from the VP and CSO, the incumbent will contribute to the development and maintenance of security strategy and associated roadmaps, determine security requirements, plan, implement, and test security systems and solutions, monitor security control and solution effectiveness, implement security standards, policies, and procedures, and mentor team members.
Ensures the Kindred VP and CSO is kept current on all issues, threats, and vulnerabilities relevant to the information security program;
Leads as the enterprise technical security subject matter expert;
Works with solution owners and IT stakeholders to ensure understanding of security principles and requirements;
Designs effective security solutions to support organizational business objectives and provides guidance and oversight to implementation teams to ensure security objectives are met through the implementation process, including operations;
Effectively communicates solutions and requirements at all levels and obtains executive buy-in and support;
Ensures that the information security strategy and roadmap supports security and business objectives as the Kindred security risk environment changes;
Analyzes information security systems and applications, recommending and developing measures to protect information against unauthorized modification, access, or loss;
Determines security requirements by evaluating business strategies, use cases, and functional requirements, providing information security standards, conducting system security and vulnerability analyses and risk assessments, integrating security controls with the solution architecture/platform, identifying integration issues, and preparing cost estimates;
Develops Kindred security models and reference architectures;
Provides technical security training to IT staff;
Develops, reviews, approves test plans for solutions to ensure that security controls are effective and security and business requirements are met;
Participates in the development of hardware/software/network security standards, requirements, procedures, and guidelines that support information security policies and best practices.
Expert in SABSA, ISO, NIST, COBIT, COSO, TOGAF, WSA, Cloud Security Architecture, and designing security solutions compliant with the relevant frameworks and standards;
Expertise in relevant information technologies, including: Windows, UNIX, mainframe, Active Directory, Azure, AWS, SQL, Oracle, DBMS, PKI, SAML, SOA, LAN/WAN;
Deep technical understanding of and experience with security technologies including, but not limited to, intrusion detection/prevention, SEIM, DLP, firewall, antivirus, anti-spam, etc.;
Demonstrated experience with DevSecOps, Agile, etc., and associated tools and technologies;
Experience overseeing the remediation of vulnerabilities, and performing security design/architecture reviews, code reviews, and penetration tests of large applications, systems and/or networks;
Strong critical thinking and analytical skills;
Strong experience with the use of security-focused metric collection and analysis at scale
Good working knowledge of HIPAA, NIST, SOX, ISO 27001, and PCI-DSS;
Strong interpersonal skills and excellent organization skills;
Self-starter, detail-oriented, with proven ability to deliver results and deal with ambiguity and lack of precedent.
Bachelor’s degree in Computer Science or experience equivalent
CISSP-ISSAP (preferred), CISSP-ISSEP
10-12 years of experience working with information security controls, frameworks and regulatory requirements in healthcare, including 5 years of experience in a senior security architect role
Depending on a candidate’s qualifications, this position may be filled at a different level.
Sign up for Job Alerts
Get the latest job openings based on your skills and background sent directly to your inbox.
Connect with Our Recruiters
Share some preliminary info about yourself and we will contact you to discuss your career and future opportunities.