Sr. Principal Cyber Security Architect at MEMORIAL HEALTH SERVICES in Fountain Valley, California

Job Description:

Members of the MemorialCare System Cybersecurity job family implement security systems, analyze current systems for vulnerabilities, and work collaboratively, to protect computer systems, networks, and data. MemorialCare's Cybersecurity Team uses industry standards and cybersecurity intelligence to implement security measures to mitigate risks and respond to incidents.

Sr. Principal Cybersecurity Architects are experts in information security, analysis, and control solutions. They focus on multiple cybersecurity functions and partner with a team of experts to ensure MemorialCare's technology teams are building solutions that enhance our security from all angles. They spearhead ongoing IT security control initiatives and are involved in cybersecurity response, control development and risk management. They collaborate across our global technology teams and lines of business to ensure we have the proper policies and controls in place. Sr. Principal Cybersecurity Architects serve as a central point of contact to ensure operations and strategy are working as planned. They work with the primary stakeholders and help develop and implement programs that will mature MemorialCare. Additionally, as a recognized subject matter expert in cybersecurity and risk, they engage in strategic dialogue with business and technology leaders from across the company and have a direct influence on the future state of cybersecurity at MemorialCare.

Essential Functions and Responsibilities of the Job

• Minimum 11 years technical specialist or equivalent IT security experience
• Demonstrated ability to plan, manage and implement large scale security systems/projects
• Proven ability to work cross-functionally with other technologies and program teams
• Experienced integrating new architectural analysis of cybersecurity features and relates existing system to future needs and trends
• Demonstrated strategic vision with a track record of successful delivery of business objectives
• Proven mastery of multiple business disciplines and functions, including risk and control assessments, access controls, secure systems development lifecycle, vulnerability management, and data protection
• Demonstrated broad knowledge of current and emerging technologies used both within the corporate infrastructure and in delivering customer facing services.
• Proven understanding of security for structured databases and unstructured data, such as access controls, encryption, and monitoring.
• Proven working knowledge of technology used in modern data center environments, such as virtualization, containerization, cloud, high availability and disaster recovery
• Established understanding of Software Development Lifecycle (SDLC) and Infrastructure Development Lifecycle (IDLC) processes
• Proven ability to work with compliance frameworks and requirements such as PCI, HIPAA, GDPR, and SOX
• Proven strong security architecture and network design experience
• Established technical knowledge of overall organizational IT infrastructure and software administration protocols.
• Demonstrated hands on experience in building and troubleshooting complex technology deployments
• Experienced in securing a wide variety of systems in many different operating environments
• Demonstrated extensive knowledge of Health Care industry security/privacy policies, regulatory issues and requirements (HIPAA, HITECH, NIST, PCI) with previous participation in organizational policy development and compliance

• Master's degree or an equivalent combination of education and relevant experience
• Certified Information Systems Security Professional (CISSP) preferred
• Cisco Certified Network Professional (CCNP) preferred
• Windows Server Certification Preferred
• PMP or equivalent preferred