Architect, Information Security (REMOTE)

Innovation starts from the heart. At Edwards Lifesciences, we are dedicated to developing ground-breaking technologies with a genuine impact on patients’ lives. At the core of this commitment is our investment in innovative information technology. This supports our innovation and collaboration on a global scale, enabling our diverse teams to optimize both efficiency and success. As part of our IT team, your expertise and commitment will help facilitate our patient-focused mission by developing and enhancing technological solutions.

This Security Architecture position will support cybersecurity risk management by designing, developing or recommending secure solutions, including policy, standards, processes, applications, systems, architectures, and infrastructure that are operationally viable and efficient. Ensure appropriate application of security products and technologies to protect Edwards’ systems and information and enable achievement of Edwards’ business objectives. Perform analysis of emerging cybersecurity frameworks and best practices, architectures and solutions to enforce secure policy/standards conformance.

Position Accountability / Scope - Reports to Sr. Manager of Governance, Risk & Compliance. The scope of this position is Edwards wide and considers the information security implications unique to all Edwards divisions when developing governance and risk management strategies.

You will make an impact by:
• Provide guidance to team members and lead the design, development, implementation and execution of countermeasures, system integration, and tools related to information security

•Support Tier 2 risk assessment across critical business processes and applications

•Plan and execute Tier 3 risk assessment by using threat modelling techniques and recommend mitigating activities using industry leading security controls and tool sets.
• Serve as technical lead in the design and build of cyber security controls or solutions, processes and functions
• Evaluate and recommend new products and service offerings for information security
• Serve as a business liaison and advisor for at least one business unit
• Lead and perform the operations and maintenance of key cyber security capabilities and services across multiple technologies

•Define and execute creation of KRI’s that align with top cyber risks 

•Define and execute service KPI’s for the risk management service to demonstrate risk identification and mitigation 
• Lead and perform resolution of Issues and incidents by performing highly complex root cause analysis and developing and implementing solutions
• Incidental duties

What you'll need (Required):
•Bachelor's Degree in related field

•6 years of previous related experience required

•Proficient in English

What else we look for (Preferred):
• Experience drafting technical documentation
• Familiarity implementing and supporting enterprise network security platforms and capabilities (e.g., endpoint security, network security, identity and access management, data security, security monitoring tools)
• Ability to implement cyber processes and tools with strong focus on Automation and Cloud first approach
• Stay abreast with the cyber security threat and solution landscape to bring innovative solutions that significantly improve Edwards security posture
• Possess expertise in valuing and implementing industry standards such as the ISO 27001/2, SOC 2, NIST CSF, HITRUST and FedRAMP Information Security standard. 
• Excellent verbal and written communication skills and customer focused skills
• Extensive understanding of related aspects of information security processes and/or systems
• Ability to interact professionally with all organizational levels and proactively escalate issues to appropriate levels of management in the organization
• Ability to manage competing priorities in a fast paced environment

• Possess CISSP certification (or similar) and knowledge of national and international regulatory compliances and frameworks such as ISO, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS.

Aligning our overall business objectives with performance, we offer competitive salaries, performance-based incentives, and a wide variety of benefits programs to address the diverse individual needs of our employees and their families.