Security Architect

Quest Diagnostics

United States

United States

Ähnliche Jobs finden

Über

divh2Security Architect/h2pThe Security Architect provides critical security oversight, risk management and architectural guidance for a new technology platform we are implementing. The large-scale implementation involves the complex migration of multiple in-house, on-premises applications to a third-party Healthcare Information Technology solution hosted in the cloud. The architect will be instrumental in ensuring the confidentiality, integrity and availability of sensitive patient and corporate data throughout the migration and in the resulting cloud environment./ppThis role requires a deep understanding of cloud security best practices, healthcare compliance standards (like HIPAA/HITECH), and a proven ability to translate complex business requirements into robust and scalable security architectures. The Security Architect will report to Director of Security Architecture and Cloud Security./ppPay Range: $150 - $170/ year/ppSalary offers are based on a wide range of factors including relevant skills, training, experience, education, and, where applicable, certifications obtained. Market and organizational factors are also considered. Successful candidates may be eligible to receive annual performance bonus compensation./ppWe are proud to offer best-in-class benefits and programs to support employees and their families in living healthy, happy lives. Our pay and benefit plans have been designed to promote employee health in all respects physical, financial, and developmental. Depending on whether it is a part-time or full-time position, some of the benefits offered may include:/pulliDay 1 Medical, supplemental health, dental vision for FT employees who work 30+ hours/liliBest-in-class well-being programs/liliAnnual, no-cost health assessment program Blueprint for Wellness/liliHealthyminds mental health program/liliVacation and Health/Flex Time/lili6 Holidays plus 1 MyDay off/liliFinFit financial coaching and services/lili401(k) pre-tax and/or Roth IRA with company match up to 5% after 12 months of service/liliEmployee stock purchase plan/liliLife and disability insurance, plus buy-up option/liliFlexible Spending Accounts/liliAnnual incentive plans/liliMatching gifts program/liliEducation assistance through MyQuest for Education/liliCareer advancement opportunities/liliand so much more!/li/ulh2Responsibilities/h2pstrongSecurity Architecture and Design/strong/pulliValidate, and if necessary, update the security architecture for the target cloud-based HIT environment, ensuring alignment with organizational security policies, industry best practices (e.g. NIST) and compliance frameworks./liliEvaluate the security posture of the third-party HIT solution and the underlying cloud infrastructure, identifying and documenting architectural gaps and control deficiencies./liliDevelop security requirements and controls for application integration, data transfer, identity and access management, data encryption (in transit and at rest), network segmentation, and loging/monitoring within the cloud environment./liliCollaborate with project teams, application owners and the third-party vendor to ensure security is built-in from the initial planning and design phases./li/ulpstrongRisk Management and Compliance/strong/pulliCollaborate with the Risk Management team to ensure security findings are documented and remediation plans are in place as discovered./liliProvide guidance on HIPAA Security and Privacy Rules, HITECH Act and other relevant regulations (e.g PCI-DSS) to ensure the solution meets all regulatory requirements for protecting sensitive data./liliDefine security metrics, reporting mechanisms, and audit trails to demonstrate ongoing compliance and security effectiveness./li/ulpstrongOversight and Consultation/strong/pulliServe as the primary security subject matter expert (SME) for the migration project, advising senior leadership and technical teams on security implications./liliReview and approve technical security configurations, including firewall rules, encryption key management, security information and event management (SIEM) integration, and access controls./liliWork with the Risk Management team to incorporate security governance processes for the new environment./li/ulh2Qualifications/h2pstrongRequired:/strong/pulliMinimum 7 years of progressive experience in IT security with at least 3 years focused on security architecture and design for complex enterprise-level systems./liliCloud Security: Deep, hands-on experience security solutions in a major public cloud platform (AWS, Azure, and/or GCP)./liliHealthcare Compliance: Demonstrated expertise with HIPAA/HITECH and proven ability to design and implement controls required for PHI in a cloud environment./liliStrong knowledge of networking protocols, encryption techniques, zero-trust principles and cloud security guardrails./liliProficiency in security-as-code and cloud native security tools (e.g. Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP)./liliExcellent written and verbal communication skills, with the ability to articulate complex security concepts to both technical and non-technical audiences./li/ulpstrongPreferred:/strong/pulliAzure experience and certification./li/ulpstrongRequired:/strong/pulliB.S. in Computer Science, Business Administration, Healthcare Administration or a related field or equivalent work experience./liliAt least one cloud provider security certification (eg AWS Certified Security Specialty, Azure, Security Engineer, GCP Security)/liliSpecialized cloud architecture/security bootcamps (cloud, security alliance)/liliTraining in security-as-code and cloud native security tools (e.g. Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platforms (CWPP)./liliHybrid work environment/liliTravel: 20-30%/li/ulpstrongPreferred:/strong/pulliGraduate degree in Computer Science or related field/liliCISSP (Certified Information Systems Security Professional)/liliCCSP (Certified Cloud Security Professional)/liliPlatform-specific certifications (e.g. Azure Security Engineer Associate, AWS Certified Security Specialty)/li/ulh2About the Team/h2pQuest Diagnostics honors our service members and encourages veterans to apply. While we appreciate and value our staffing partners, we do not accept unsolicited resumes from agencies. Quest will not be responsible for paying agency fees for any individual as to whom an agency has sent an unsolicited resume. Equal Opportunity Employer: Race/Color/Sex/Sexual Orientation/Gender Identity/Religion/National Origin/Disability/Vets or any other legally protected status./p/div

United States

Sprachkenntnisse

English

Hinweis für Nutzer

Dieses Stellenangebot wurde von einem unserer Partner veröffentlicht. Sie können das Originalangebot einsehen hier.

Ähnliche Jobs finden