Sanford Health is one of the largest and fastest-growing not-for-profit health systems in the United States. We’re proud to offer many development and advancement opportunities to our nearly 50,000 members of the Sanford Family who are dedicated to the work of health and healing across our broad footprint.
Work Shift:
Day (United States of America)
Scheduled Weekly Hours:
40
Union Position:
No
Department Details
Summary
The Principal Security Architect serves a critical role in the enterprise architecture group as a subject matter expert performing tasks that contribute to Sanford Health’s mission and vision. Provides IT system security designs and solutions and creates the information security foundation. The role will deliver information security expertise over a wide range of IT and business solutions that will be delivered through direct participation on project teams and consultative services across business and IT groups. Develops and maintains information security policies, standards, and processes, and applies in-depth knowledge of functional aspects of information security and compliance. The focus is the enforcement of security policies of the enterprise without inhibiting value.
Job Description
As a member of the Enterprise Architecture Center of Excellence, responsible for planning, designing, and managing enterprise information security initiatives in support of the core security functions of the information security group. Ensure architecture decisions related to security are traceable to business and policy decisions and their risk management. The general areas of concern include: Authentication, Authorization, Audit, Assurance, Availability, Asset Protection, Administration, and Risk Management. Act as a trusted advisor and work with stakeholders to define and create roadmaps. Monitor, measure, and report the architecture development progress.Define security standards, procedures, operational activities, and technical architecture. Involved in the governance of outsourced security services and participates as a member of incident response team in the event of emergency security or non-security breach. Provide technical and architectural oversight for systems and projects that are required to be reliable, scalable, highly available and maintainable.
Provide strategic and technical leadership ensuring that business, technical, security, privacy and compliance requirements are properly defined and integrated into enterprise system design and development as defined by the organizations security software development lifecycle. The role works with the development teams, providing security related guidance to ensure that program and project architectures adhere to the applicable security standards for the target-state architectures.
Hands-on technical experience in security architecture, automation, integration, and deployment in cloud (AWS, Azure). Expert level experience with encryption technologies and techniques. Working knowledge of data security best practices and ability to build risk models to analyze security weaknesses in complex technology deployments. Experience building security architectures for applications deployed on various technologies (.Net, Linux, MS Windows, SQL Server, etc.,) Working towards certifications such as HITRUST, ISO 27001, and SOC 2.
Qualifications
Bachelor’s degree in computer science, Information Technology, Information Systems, Engineering or a related field required. Master’s degree is preferred.
Progressively increasing responsibility and achievement in the Information Security discipline with experience leading security architecture design initiatives and driving strategy. Working knowledge and hands-on experience with a variety of information security tools and technologies commonly used in Security Operations Center and enterprise detection/protection. Knowledge and working experience with disaster recovery, vulnerability assessment, penetration testing, incident response, industry security standards and practices, web application security, security audit/review processes and applying corporate and federally mandated policies.
Familiarity with ITIL, NIST, TOGAF, COBIT, CMMI, SABSA is highly desired.
CISSP Certification is required.
Sanford is an EEO/AA Employer M/F/Disability/Vet.
If you are an individual with a disability and would like to request an accommodation for help with your online application, please call 1-877-673-0854 or send an email to talent@sanfordhealth.org.
Read Full Description