A TekStream client, a healthcare technology company, has am opening for a Senior Information Security Architect with Identity and Access Management (IAM) expertise and large enterprise company and healthcare industry experience.
This is a remote contract-to-hire opening so applicants must be eligible for hire without visa sponsorship.
Responsibilities:
- Develop security architecture strategies for the organization with the emphasis on application security, network security and identity and access management concerns
- Serve as primary information security interface to collaborate with product teams, business representatives, systems development and business users for establishing business requirements, information security functional requirements, security solution options and implementation plans
- Advise and contribute to strategies and initiatives to strengthen the Security Program which is identified as part of the corporate Information Security Practice or HITRUST corporate compliance
- Provide security controls, processes and technical advisory support to business units and projects by working cross-functionally to develop and implement strategies that balance security recommendations with business needs
- Work with leadership to develop a run book for the operational organization to enable safe and rapid responses to reported vulnerability disclosures
Requirements:
- Solid and extensive experience in secure Identity and Access Management (IAM)
- 10 years of IT infrastructure architecture and/or operations experience
- 5+ years of experience in enterprise security architecture role
- Must have healthcare industry experience and basic understanding of HITRUST framework
- 4 years of experience in Large Scale System design (ERP, Custom, etc.) and implementation
- 3 years of experience with commercial and open source security applications and technologies (e.g. malware prevention, DLP, IDS/IDP, cryptography, vulnerability scanning and penetration testing), as well as related protocols and tools (e.g. SSH, SSL/TLS, snort, port scanners, rootkit detectors, etc.)
- 3 years of experience performing network and application security penetration testing and/or threat assessments
- 3 years of experience architecting solutions in a cloud environment
Training, Certification and Education:
- Required: CISSP certification
- Preferred: Bachelor’s degree in Computer Science, Information Systems, Engineering, Business Administration or comparable experience in a related field
- Preferred: CCNA, CCENT, CCNP, GSEC, MCSA, CISM certification