Information Security Architect

Company: Partners Healthcare System
Location: Somerville
Posted on: January 4, 2022

Job Description:

Description--About Us: As a not-for-profit organization, Mass General Brigham is committed to supporting patient care, research, teaching, and service to the community by leading innovation across our system. Founded by Brigham and Women's Hospital and Massachusetts General Hospital, Mass General Brigham supports a complete continuum of care including community and specialty hospitals, a managed care organization, a physician network, community health centers, home care and other health-related entities. Several of our hospitals are teaching affiliates of Harvard Medical School, and our system is a national leader in biomedical research. We're focused on a people-first culture for our system's patients and our professional family. That's why we provide our employees with more ways to achieve their potential. Mass General Brigham is committed to aligning our employees' personal aspirations with projects that match their capabilities and creating a culture that empowers our managers to become trusted mentors. We support each member of our team to own their personal development-and we recognize success at every step. Our employees use the Mass General Brigham values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration. General Summary/ Overview: Under the direction of the Mass General Brigham Senior Manager for Information Security Program Governance, the Information Security Architect (ISA) is responsible for designing the security architecture necessary for safeguarding Mass General Brigham-- information systems and data.-- The ISA ensures that information security technical strategy is aligned with Mass General Brigham business objectives. The ISA coordinates and interacts with all Mass General Brigham IT Service units, Mass General Brigham business units, and Mass General Brigham physical security, to ensure a cohesive approach to meet information security requirements.-- The ISA also supports the Chief Information Security Officer (CISO) and his/her office by providing leadership, documentation and design of secure patterns related to the overall Mass General Brigham information security architecture. Principal Duties and Responsibilities: Responsible for defining, documenting and supporting implementation of the overall security architecture, and resulting security standards, for all seven OSI layers. Provides technical leadership for security projects from design to implementation. Provide support and guidance for Identity and Access Management Provide support for Workday Provides design and architectural guidance in the early stages of new IT system and subsystem implementations. Supports organizational risk assessment activity. Supports organizational approaches to vulnerability testing and application security testing. Works collaboratively with the Mass General Brigham CTO, CIO, and other organization technology leaders. Coordinates technical security planning and strategy for matrixed Mass General Brigham business units, including Mass General Brigham Information Services, Research Computing and hospital technology units. Maintains understanding of security-related regulatory requirements. Provides project management of major security implementations. Collaborates in selection of key security technologies and designs. On-call as a technical point of escalation to troubleshoot production deployments of major security-related initiatives. Defines and standardizes reporting mechanisms to capture information on the current status of the environment, and overall security performance. Perform all duties as assigned Qualifications--Bachelor's degree in Information Technology, Computer Science, or a related discipline 8+ years of experience directly related to Information Security or equivalent combination of education and experience. Significant experience with securing the technology stack across all seven OSI layers. Significant technical knowledge and competency. Hands-on experience in implementing complex technology solutions across large organizations. Experience in a collaborative team environment, delegating workload and responsibilities Experienced in internal, external, and audit assessment Experience working in an Academic Medical Center or Healthcare environment Experience with Workday Experience with Identity and Access management platforms Experience with Cloud service providers CERTIFICATIONS CISSP, CISSP-ISSAP, CGEIT, CISM, and CISA certifications are preferred.-- MCSE, CCNA/CCSP, SANS and related certifications are desired. Skills/Abilities/Competencies: Extensive technical knowledge and experience in the domains of application security, and network administration and maintenance, including: Protocol and technical standards including encryption, TCP/IP, SSL, S/MIME, Radius, IPSEC and PKI technology Creating actionable secure design patterns in support of technical standards Operating system (Windows, Mac OS, Unix) security and hardening Database security Endpoint security, including encryption technologies, NAC, and related technologies Cloud-based technologies and design patterns including Azure, AWS and Google Cloud Access Security Broker toolsets Authentication solutions and standards including Active Directory, SAML, OAuth, Kerberos, IWA All aspects of IAM\IGA including identity lifecycle management, role-based access, directory services, application provisioning, access certification Privileged Access Management including best practices and solutions for on premises and cloud-based privilege Service Oriented Architecture concepts such as micro-service design and implementation patterns Exposure to Clinical and eMR systems such as EPIC Knowledge of industry standards such as: ISO27000, NIST SP 800-53, OWASP, and other standards. Strong project management skills. Ability to compile, analyze, and summarize data for communication. Strong interpersonal and communications skills. Demonstrated ability to handle heavy multi-tasking. Clear ability to complete work with minimal oversight Ability to maintain current knowledge of all relevant security technology, operations, management developments and seek opportunities to deploy new technologies that benefit the organization. projects to identify opportunities for reuse and process improvement. Ability to review documentation to verify compliance with the organization's requirements and established architectural standards, security policies, standards and guidelines. Working Conditions: Possible local travel to Mass General Brigham sites While performing the duties of this job, the employee is frequently required to sit; talk; or hear; use hands to finger; handle; or feel; reach with hands and arms. The employee is occasionally required to stand; walk; and stoop; kneel; or crouch. The employee must frequently lift and/or move up to 5 pounds and occasionally lift and/or move up to 20 pounds. Specific vision abilities required by this job include close vision, distance vision and depth perception. The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Normal office working conditions. The noise level in the work environment is quiet to moderate. EEO Statement--Mass General Brigham is an Equal Opportunity Employer & by embracing diverse skills, perspectives and ideas, we choose to lead. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law.----Primary Location:--MA-Somerville-MGB Assembly RowWork Locations:--MGB Assembly Row--399 Revolution Drive ----Somerville--02145Job:--Information SecurityOrganization:--Mass General Brigham(PHS)Schedule:--Full-timeStandard Hours:--40Shift:--Day JobEmployee Status:--RegularRecruiting Department:--PHS Information SystemsJob Posting:--Sep 22, 2021

Keywords: Partners Healthcare System, Somerville , Information Security Architect, Other , Somerville, Massachusetts