This is a remote position.

Job Summary

CommonSpirit Health is seeking a highly skilled and experienced Application Security Architect to join our Enterprise Cybersecurity Architecture team as a Cybersecurity Principal Engineer. This position will be one of the lead technical authorities for Cybersecurity protections.

Responsible for monitoring the threat landscape and changing business requirements to identify functional technological and/or control solutions. Defining integration of Cybersecurity controls in an optimal manner to best protect the organization from cyber threats and exposures. Assist solution owners with technology selection based on business requirements required controls emerging threats use cases and desired outcomes. Oversees the design development and implementation of solutions while helping to optimize solutions to resolve highly complex technical and business issues related to cybersecurity. Designs and develops architectures and solutions to successfully integrate new information security systems with the existing architecture.

Will be involved in multiple concurrent Information Technology and Cybersecurity initiatives. Acts as a subject matter expert (SME) for one or more cybersecurity or risk management areas. Mentors other engineers and teams as a leader in the organization.

Job Responsibilities

• Designs and develops solutions to resolve complex technical and business issues related to information security across multiple functions.
• Reviews and consults on cybersecurity of technology solutions to resolve complex technical and business issues.
• Participates in the design and development process to define Cybersecurity requirements for new solutions within the existing or newly defined architecture.
• Serves as SME for multiple technical solutions.
• Provide technical assessments of risk associated with new or existing internal and external cloud based solutions.
• Lead security efforts for integration of infrastructure and business solutions associated with cloud environments including providing cloud expertise in the assessment of cloud provider Request For Information (RFI) and Requests for Proposal (RFP).
• Analyze solution designs for alignment to CommonSpirit Health Cybersecurity Policy and Standards best practices and security frameworks e.g. National Institute of Standards and Technology (NIST) The Open Group Architecture Framework (TOGAF) CIS Critical Security Controls International Organization for Standardization (ISO) MITRE Framework.
• Assess currently deployed environments; provide requirements or recommendations to the design or configurations to address security risk.
• Provide technical guidance/support in troubleshooting security-related issues escalated to Cybersecurity.
• Provide security technical guidance to IAM and/or application security design and configurations. Coordinates with technical teams and business owners security solutions to resolve highly complex technical and business issues.
• Works on multiple functions of high complexity with business owners project management teams and multiple IT technical resources.
• Perform other duties as required.

• Bachelors preferred or equivalent work experience required.
• 7 years of related job experience required of which minimum 5 years in Security Architecture function.
• Experienced in security architecture of multiple application security platforms.
• Experienced in Architecture principles and document creation such as Policies Standards Principles Blueprints Patterns and Whitepapers.
• Proficient in security assessment in Unix Network Cloud Application and End User/Mobile devices
• Proficiency in at least one or more scripting languages like PowerShell Python
• Working base knowledge cloud formation automation like Terraform.
• Demonstrated experience working in a high paced multi-tasking environment.
• Strong analytical and problem-solving skills with the ability to function as a change agent
• Strong interpersonal skills and extremely resourceful
• Strong skills with intermediate to advanced level expertise with Excel and PowerPoint or equivalents.
• 2 or more relevant technical/professional security certifications such as Certified Information Systems Security Professional (CISSP) Governance Risk and Compliance Professional (GRCP) Certified in Risk and Information Systems Control (CRISC) or Certified Information Security Manager (CISM) are preferred

#LI-Remote

#LI-CSH