IT Architect - Cybersecurity

What you can expect! 

Find joy in serving others with IEHP! We welcome you to join us in “healing and inspiring the human spirit” and to pivot from a “job” opportunity to an authentic experience!

The IT Architect - Cybersecurity will ensure that the stakeholder security requirements necessary to protect IEHP's digital assets are adequately addressed in all aspects of enterprise architecture including reference models, technical and solution architectures, design patterns in application and infrastructure security, and the resulting systems supporting the organization’s missions and business processes.

Key Responsibilities:

1. Develop/integrate cybersecurity designs for applications and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data such as PHI/PII, SSN and PCI data. 
2. Document and address IEHP's information security, cybersecurity architecture, and systems security engineering requirements throughout the system life cycle. 
3. Employ secure configuration management and continuous compliance monitoring processes. 
4. Ensure that acquired or developed system(s) and architecture(s) are consistent with IEHP’s cybersecurity architecture guidelines for on-premise, vendor hosted or cloud-based workloads. 
5. Identify and prioritize critical security functions in collaboration with business architect, IT architect and other organizational stakeholders.
6. Perform security design reviews, identify gaps in security architecture, and develop a security risk management plan. 
7. Define and document how the implementation of a new system or new interfaces between systems impacts the security posture of the current environment. 
8. Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents. 
9. Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately.
10. Identify and research security solutions to deliver security changes when needed and contribute to business development.
11. Respond and investigate immediately to security-related incidents and provide thorough remedial solutions and analysis.
12. Serve as the primary liaison between the enterprise architect and the systems security engineer and coordinate with system owners, common control providers, and system security operators on the allocation of security controls as system-specific, hybrid, or common controls.
13. Any other duties as required ensuring Health Plan operations are successful.

Commitment to Quality: The IEHP Team is committed to incorporate IEHP’s Quality Program goals including, but not limited to, HEDIS, CAHPS, and NCQA Accreditation.

Perks

IEHP is not only committed to healing and inspiring the human spirit of our Members; we also aim to match our Team Members with the same energy by providing prime benefits and more.

• CalPERS retirement
• 457(b) option with a contribution match
• Generous paid time off- vacation, holidays, sick
• State of the art fitness center on-site
• Medical Insurance with Dental and Vision
• Paid life insurance for employees with additional options
• Short-term, and long-term disability options
• Pet care insurance
• Flexible Spending Account – Health Care/Childcare
• Wellness programs that promote a healthy work-life balance
• Career advancement opportunities and professional development
• Competitive salary with annual merit increase
• Team bonus opportunities

Education & Experience

• Five (5) years of experience in developing IT product security architecture and design patterns. Experience implementing Policy management using tools such as Compliance360. Producing InfoSec metrics and reports. Experience working with various business units to achieve policy-based security and compliance outcomes. Experience with security tools from Microsoft/VMware/CISCO/Palo Alto Networks, Endpoint and Infrastructure Defense, Application Security, Data Privacy Technologies, Enterprise Architecture, Information Technology Assessment, and Risk Management.
• Bachelor’s degree from an accredited Institution required.
• CISSP, CISM or vendor specific security architect certification (e.g., Microsoft Certified: Cybersecurity Architect Expert) preferred.

Key Qualifications

• Strong knowledge of:
  • HHS OCR security guidelines, NIST SP 800 Series documents, NIST Cyber Security Framework, Microsoft operating systems, Linux operating systems, cloud security, microservice architecture, API security, networking security, System Development Lifecyle security, security design patterns, and security architecture framework such as SABSA (Sherwood Applied Business Security Architecture).
  • Program protection planning (e.g. information technology (IT) supply chain security/risk management policies, anti-tampering techniques, and requirements).
  • IT architect framework such as TOGAF (The Open Group Architecture Framework) and the enterprise information technology (IT) architectural concepts and patterns (e.g., baseline, validated design, and target architectures.)
• Strong skills in:
  • Designing architectures and frameworks for infrastructure, application and data security projects or products.
  • Determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
  • Writing & communication.
  • Analytics and problem-solving. Logical reasoning skills and business intelligence.
• Proven ability to:
  • Present to senior management.
  • Work in a collaborative and inclusive environment with the willingness to listen to alternative points of view.

Start your journey towards a thriving future with IEHP and apply TODAY!