Information Security Architect
Company: Highmark Health
Location: Carson City
Posted on: March 19, 2023
|
|
Job Description:
**Company :**
HM Health Solutions
**Job Description :**
**JOB SUMMARY**
Execute a process to develop a security architecture that processes
information of various levels of sensitivity. The security
architecture must be compliant with existing enterprise technical
security control requirements models. Produce gap analysis
documentation to identify any gaps between specific technical
security requirements and the architecture of the system and
provide detailed technical recommendations on appropriate
mitigation measures. Advise and consult clients responsible for the
architecture, design, implementation, and deployment of technical
security controls on appropriate application of existing security
services to solve their problems or enable new business
opportunities. Research and evaluate new security technologies to
be used as point solutions to gaps where the project is unable to
take advantage of or needing greater functionality than reusable
enterprise security services. The security architecture work will
include network security, network defense, operating system
security identity, authentication and authorization, data
protection, application security, activity audit and monitoring,
mobile computing security, and partner/vendor access to corporate
systems/data.
**ESSENTIAL RESPONSIBILITIES**
+ Enhance security team accomplishments and competence by planning
delivery of solutions; answering technical and procedural questions
for less experienced team members; teaching improved processes;
mentoring team members.
+ Determine security requirements by evaluating business strategies
and requirements; conducting system security and vulnerability
analyses and risk assessments; identifying integration issues;
preparing cost estimates.
+ Plan security systems by evaluating network and security
technologies.
+ Implement security systems by specifying intrusion detection
methodologies and equipment; directing equipment and software
installation and calibration; preparing preventive and reactive
measures.
+ Enhance department and organization reputation by accepting
ownership for accomplishing new and different requests; exploring
opportunities to add value to job accomplishments.
+ May begin to provide leadership and mentoring in the areas of
expertise and architecture to peers, developers, management and
business users including technical expertise, coaching, and ad-hoc
training.
+ Support assurance compliance to required standards, procedures,
guidelines and processes.
+ Other duties as assigned or requested.
**REQUIRED EDUCATION**
Bachelor's Degree - Information Systems, Computer Science,
Information Security, or Engineering
**_Substitutions_**
No substitutions
**PREFERRED EDUCATION**
Master's Degree - Computer Science, Information Security or related
field
**EXPERIENCE**
**_Minimum:_**
+ 5 - 7 years' experience architecting solutions
+ 5 - 7 years' experience in Information Security
+ Experience communicating with business partners
**_Preferred:_**
+ 7 - 10 years' experience architecting solutions
**SKILLS**
+ Business communication skills, both written and verbal and able
to solve unconventional problems
+ Understanding of the TCP/IP protocol stack, application protocols
such as SNMP, SMTP, DNS, and DHCP; IPSec and SSL VPNs; SSL/TLS
protocol knowledge
+ Understanding of the information technology and information
security industries, their current developments, trends, issues,
and fundamental concepts
+ In-depth expertise in analyzing a wide spectrum of technical
systems and services robustness and needs, and making practical
recommendations to address them
+ Detailed knowledge of web, mobile, and client application
security vulnerabilities, attack methods, and countermeasures
+ Experience with common information security management
frameworks, such as HITRUST, ISO 27001, CobiT, ITIL
+ Knowledge of ubiquitous encryption technologies (PGP, SSH, SSL,
etc.) and common protocols (RADIUS, LDAP, KERBEROS, SAML, etc.)
+ Participate in evaluations and recommend solutions to support
enterprises security controls including: networking, firewalls,
IDS/IPS, data loss prevention, application security, infrastructure
security, and data security
**REQUIRED LICENSURE**
None
**PREFERRED LICENSURE**
Certified Information Systems Security Professional (CISSP),
Certified Information Security Manager (CISM), Certified
Information Security Auditor (CISA), etc.
**TRAVEL REQUIREMENT:**
0%- 25%
**LANGUAGE REQUIREMENT (** **_other than English_** **)?**
None
**PHYSICAL, MENTAL DEMANDS AND WORKING CONDITIONS**
( _The physical, mental demands and working conditions described
here are representative of those that must be met by an employee to
successfully perform the essential function of their job.
Reasonable accommodations will be made when necessary to enable
individuals with disabilities to perform the essential duties of
the position, to the extent that they do not cause undue
hardship._
**_Position Type:_**
Office-Based
**_Office-Based Positions_**
An employee in this position works in an office environment. The
position frequently requires the employee to communicate
effectively with others both inside and outside the workplace
(e.g., in person, via telephone, via email). The employee must be
able to understand, interpret and analyze data, solve problems,
concentrate, and research, use available technological resources
and systems (e.g., computers and computer programs), multi-task,
prioritize, and meet multiple deadlines to complete essential
tasks. The employee generally works in a fast-paced and frequently
stressful environment, must attend work on a regular and reliable
basis as well as adhere to all workplace policies, and may be
called upon to work outside regular business hours.
Teaches/Trains others regularly
Occasionally
Travels regularly from the office to various work sites or from
site-to-site
Occasionally
Works primarily out-of-the office selling products/services (Sales
employees)
Never
Physical Work Site Required
Yes
**_Most On-The-Road Positions_**
An employee in this position may work in a home or company office
environment but is also frequently driving to and from various
locations to perform the work off-site. The position frequently
requires the employee to communicate effectively with others both
inside and outside the workplace (e.g., in person, via telephone,
via email). The employee must be able to understand, interpret and
analyze data, solve problems, concentrate, and research, use
available technological resources and systems (e.g., computers and
computer programs), multi-task, prioritize, and meet multiple
deadlines to complete essential tasks. The employee generally works
in a fast-paced and frequently stressful environment, must attend
work on a regular and reliable basis as well as adhere to all
workplace policies, and may be called upon to work outside regular
business hours.
**_Non-Office-Based Positions_**
An employee in this position is frequently required to move
throughout the workplace, sit, stand and walk, use hands and
fingers to hold objects, tools or controls, possess fine motor
skills (e.g., to write and operate a computer or to steer
transportation equipment), possess gross motor skills (e.g., to
carry items), reach with hands and arms, climb stairs and ladders,
balance, stoop, kneel crouch and crawl, communicate effectively,
and talk and hear. Specific vision abilities required by the job
include close vision, distance vision, color vision, peripheral
vision, depth perception, and the ability to adjust focus. The
employee must be able to work in a busy environment where decisions
often must be made quickly, must attend work on a regular and
reliable basis, must adhere to all workplace policies, and may be
called upon to work outside regular business hours. This work
occurs in a [example: warehouse, hospital or provider's office or
mailroom].
Lifting: up to 10 pounds
Does Not Apply
Lifting: 10 to 25 pounds
Does Not Apply
Lifting: 25 to 50 pounds
Does Not Apply
**ADDITIONAL INFORMATION**
**Changes Approved By:**
Kathleen Thompson
**_Disclaimer:_** _The job description has been designed to
indicate the general nature and essential duties and
responsibilities of work performed by employees within this job
title. It may not contain a comprehensive inventory of all duties,
responsibilities, and qualifications required of employees to do
this job._
**_Compliance Requirement:_** _This position adheres to the ethical
and legal standards and behavioral expectations as set forth in the
code of business conduct and company policies_
As a component of job responsibilities, employees may have access
to covered information, cardholder data, or other confidential
customer information that must be protected at all times. In
connection with this, all employees must comply with both the
Health Insurance Portability Accountability Act of 1996 (HIPAA) as
described in the Notice of Privacy Practices and Privacy Policies
and Procedures as well as all data security guidelines established
within the Company's Handbook of Privacy Policies and Practices and
Information Security Policy. Furthermore, it is every employee's
responsibility to comply with the company's Code of Business
Conduct. This includes but is not limited to adherence to
applicable federal and state laws, rules, and regulations as well
as company policies and training requirements.
**Pay Range Minimum:**
$78,900.00
**Pay Range Maximum:**
$146,000.00
_Base pay is determined by a variety of factors including a
candidate's qualifications, experience, and expected contributions,
as well as internal peer equity, market, and business
considerations. The displayed salary range does not reflect any
geographic differential Highmark may apply for certain locations
based upon comparative markets._
Highmark Health and its affiliates prohibit discrimination against
qualified individuals based on their status as protected veterans
or individuals with disabilities, and prohibit discrimination
against all individuals based on their race, color, age, religion,
sex, national origin, sexual orientation/gender identity or any
other category protected by applicable federal, state or local law.
Highmark Health and its affiliates take affirmative action to
employ and advance in employment individuals without regard to
race, color, age, religion, sex, national origin, sexual
orientation/gender identity, protected veteran status or
disability.
EEO is The Law
Equal Opportunity Employer Minorities/Women/Protected
Veterans/Disabled/Sexual Orientation/Gender Identity (
_https://www.eeoc.gov/sites/default/files/migrated_files/employers/poster_screen_reader_optimized.pdf_
)
We endeavor to make this site accessible to any and all users. If
you would like to contact us regarding the accessibility of our
website or need assistance completing the application process,
please contact number below.
For accommodation requests, please contact HR Services Online at
HRServices@highmarkhealth.org
California Consumer Privacy Act Employees, Contractors, and
Applicants Notice
Req ID: J214322
Keywords: Highmark Health, Reno , Information Security Architect, Other , Carson City, Nevada
Click
here to apply!
|