IS Security Architect
Cancer care is all we do
Hope in healing
Cancer Treatment Centers of America® (CTCA), part of City of Hope, takes a unique and integrative approach to cancer care. Our patient-centered care model is founded on a commitment to personalized medicine, tailoring a combination of treatments to the needs of each individual patient. At the same time, we support patients’ quality of life by offering therapies designed to help them manage the side effects of treatment, addressing their physical, spiritual and emotional needs, so they are better able to stay on their treatment regimens and get back to life. At the core of our whole-person approach is what we call the Mother Standard® of care, so named because it requires that we treat our patients, and one another, like we would want our loved ones to be treated. This innovative approach has earned our hospitals a Best Place to Work distinction and numerous accreditations. Each of us has a stake in the successful outcomes of every patient we treat.
The Information Security Architect plays an integral role in defining and assessing CTCA’s strategy, architecture and practices. The Security Architect will be required to effectively translate business objectives and risk management strategies into specific information security processes enabled by information security technologies and services. Works closely with Information Services, Compliance, and Information Owners to identify appropriate solutions, related risks and the appropriate strategies to accept, transfer, reduce, or mitigate risk. The Security Architect advocates for security requirements and objectives with these constituencies, while ensuring that security architectures and practices do not impede the needs of the business.
Skills, Education and Additional Information
Four-year university degree or college diploma in the field of Information Security, Computer Science, Information Systems or related field is required.
Preferred experience in using security architecture methodologies such as SABSA, Zachman and/or TOGAF.
Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, IPS, web application firewalls (WAFs), endpoint protection, SIEM, and DLP technology as well as vulnerability and configuration management tools.
Verifiable experience or strong working knowledge of manual or technical reviewing application code for security vulnerabilities.
Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
Experience designing the deployment and management of applications and infrastructure into public cloud services.
Full-stack knowledge of IT infrastructure including securing: Applications, Databases, Operating systems (Windows, Unix/Linux and Mac), Hypervisors, IP networks (WAN and LAN), Storage networks, CI/CD pipelines, Backup networks and media, and Containers/Kubernetes
Direct experience or strong working knowledge of designing IAM technologies and services using: Active Directory, Azure Active Directory, Lightweight Directory Access Protocol (LDAP), Privileged Access Management, Multifactor Authentication, and Amazon Web Service (AWS) IAM
Strong working knowledge of IT service management (e.g., ITIL-related disciplines): Asset management, Configuration management, Incident management, Problem management, Change management, and Vendor/Supplier Management.
Business related skills in strategic planning, communication, financial analysis, and project management.
Knowledge and understanding of relevant:
Legal and regulatory requirements including HIPAA, HITECH, CMS, and PCI-DSS
Standards and frameworks including ITIL and NIST
Privacy and data protection practices including CCPA and GDPR,
Security architecture frameworks such as SABSA or TOGAF
Professional security management certification, such as a ISC2’s CISSP, ISACA’s CISA, CRISC or CISM, SANS GDSA, Open Group TOGAF or other similar credentials, is desired. SABSA Foundation, Practitioner and or Master preferred.
Demonstrate the following key behaviors and competencies: adaptability, business acumen, openness to learning, and conceptual thinking.
Ability to develop strong working relationships and compromise, persuade and negotiate effectively.
Self-motivated with ability to prioritize multiple objectives under tight deadlines and ability to work independently with little to no oversight.
Each CTCA employee is a Stakeholder, driven to make a true difference and help win the fight against cancer. Each day is a challenge, but this unique experience comes with rewards that you may never have thought possible. To ensure each team member brings his or her best self, we offer exceptional support and immersive training to encourage your personal and professional growth. If you’re ready to be part of something bigger and work with a passionate, dynamic group of care professionals, we invite you to join us. Visit: Jobs.cancercenter.com to begin your journey.
We win together
Each CTCA employee is a Stakeholder, driven to make a true difference and help win the fight against cancer. Each day is a challenge, but this unique experience comes with rewards that you may never have thought possible. To ensure each team member brings his or her best self, we offer exceptional support and immersive training to encourage your personal and professional growth. If you’re ready to be part of something bigger and work with a passionate, dynamic group of care professionals, we invite you to join us.
Visit: Jobs.cancercenter.com to begin your journey.
Job Status: Full Time
Job Reference #: JR-09363