The Security Architect is a senior security resource, that provides enterprise guidance on security related issues, driving security strategy and improving the security posture of the organization including but not limited to technical infrastructure, processes, design, assessment, implementation, awareness, and governance. Security Architect provides leadership, experience, and expertise to project teams. Develops and participates in complex security program management and design. Ensures alignment of security controls to risk as it relates to individual business units, enterprise, and vendor risk management, and provides guidance accordingly. Serves as a security subject matter expert as part of an in-house, on-shore, and off-shore security architecture team responsible for securing the enterprise information and systems by determining security requirements across enterprise projects; planning, designing, and documenting security systems; preparing security standards, policies, and procedures. The ideal candidate will possess a strong information security and project execution background.
ESSENTIAL FUNCTIONS OF THE ROLE
Perform complex and systemic risk assessment and support project efforts to attain timely and effective secure designs.
Investigate and resolve problems and inefficiencies and enhance the enterprise risk mitigation stance. Possess deep technical understanding and demonstrated the ability to apply security related knowledge for practical and timely outcomes.
Must be able to effectively communicate the conceptual and logical design of holistic enterprise security solutions.
Collaborate with business units, application development teams, and third-party vendors to achieve program requirements while enabling the business.
Manage security projects to ensure the timely, on budget, and effective implementation of cyber security improvements that are operationally supported with validation methods in place to measure effectiveness.
Correlate data from different sources, make logical inferences about that data, and be able to publish results. Ability to develop tools and scripts to aid in data processing or other aspects of log and or security research.
Provide assistance in the review of firewalls, intrusion detection systems, intrusion prevention system and enterprise anti-virus software.
Offer / Implement recommendations for improvements in processes and procedures. Evaluate alerts and reports to assist in tuning security systems for accurate results.
Participates in cybersecurity control assessments providing risk-based gap analysis and prioritized remediation recommendations
Assist to remediate compromised endpoints through established processes and procedures and technology.
Review detailed log analysis. Provides / Review recommendations for remediation based on that review, correlation and log analysis. Prepare reports as requested.
KEY SUCCESS FACTORS
Deep analytical skills with sound and logical problem-solving capabilities.
Experience in writing enterprise-level architecture documentation and analysis.
Excellent critical thinking and logic skills to resolve security challenges.
Excellent written and verbal communication skills; Demonstrated ability to effectively explain complex concepts to others in less complex terms.
Ability to work with others in teams and share analysis and collaborate well on problems.
Ability to work efficiently and accurately under pressure with tight deadlines.
Self-motivated to identify and resolve issues in a large enterprise environment.
Must be flexible in filling various roles in project management processes
Our competitive benefits package includes the following
Immediate eligibility for health and welfare benefits
401(k) savings plan with dollar-for-dollar match up to 5%
PTO accrual beginning Day 1
Note: Benefits may vary based upon position type and/or level
Relevant bachelor’s degree in a technical field.
5+ Years of experience in cybersecurity, security architecture, security operations, and risk & compliance, covering security domains, including infrastructure, platform, endpoint, application, identity management, data protection, and resiliency.
Advanced experience with information security principles, practices, technologies, programs, and procedures, accompanied by an understanding of risk management methodologies
Experience designing and architecting network security solutions including firewall, site-to-site VPN, VDI, network access control, and other network enforcement solutions
Familiarity with information security standards and frameworks including ISO 27002, NIST, CIS Benchmarks, HIPAA, etc.
Industry-specific certifications preferred, such as CISSP, Security+, SANS GICSP, CISM, AWS certifications, etc.
Baylor Scott & White Health (BSWH) is the largest not-for-profit health care system in Texas and one of the largest in the United States. With a commitment to and a track record of innovation, collaboration, integrity and compassion for the patient, BSWH stands to be one of the nation’s exemplary health care organizations. Our mission is to serve all people by providing personalized health and wellness through exemplary care, education and research as a Christian ministry of healing. Joining our team is not just accepting a job, it’s accepting a calling!