Information Security Architect (Open to Remote)
Remote - Columbus, Ohio, United States
Olive
Olive is purpose-built for healthcare, improving operational efficiency for provider and payer teams with intelligent automation.Olive’s AI workforce is built to fix our broken healthcare system by addressing healthcare’s most burdensome issues -- delivering hospitals and health systems increased revenue, reduced costs, and increased capacity. People feel lost in the system today and healthcare employees are essentially working in the dark due to outdated technology that creates a lack of shared knowledge and siloed data. Olive is designed to drive connections, shining a new light on the broken healthcare processes that stand between providers and patient care. She uses AI to reveal life-changing insights that make healthcare more efficient, affordable and effective. Olive’s vision is to unleash a trillion dollars of hidden potential within healthcare by connecting its disconnected systems. Olive is improving healthcare operations today, so everyone can benefit from a healthier industry tomorrow.
The Information Security Architect is responsible for designing, architecting, and testing various information security tools, systems, and controls within Olive’s environment. The Security Architect is responsible for determining security requirements for external and internal customers, testing security controls, preparing security standards, policies, and procedures and further the growth and maturity of Olive’s information security program.
The Security Architect is expected to have a thorough and deep understanding of various information security frameworks, complex enterprise systems, network protocols, in depth security defenses and stay up to date with the latest security standards, systems and best practices in the healthcare industry to maintain compliance with HIPAA, HITRUST and other required frameworks.
Requirements
- Enhances security team accomplishments and competence by planning team deliverables, answering technical and procedural questions for less experienced team members, teaching improved processes and mentoring team members.
- Determines security requirements by evaluating business strategies and requirements, researching information security standards for healthcare, conducting system security and vulnerability analyses and risk assessments, and preparing cost estimates.
- Develops requirements for Olive’s communication networks, virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
- Implements security systems by specifying intrusion detection methodologies and equipment, directing equipment and software installation and monitoring, preparing preventive and reactive measures, creating, transmitting, and maintaining keys, providing advanced technical support when necessary and completing documentation.
- Verifies security systems by developing and implementing testing procedures and methodologies; planning and executing penetration test exercises.
- Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
- Maintains an ongoing relationship with Olive’s engineering and product development teams to assist with security integration in the product lifecycle.
- Assist the Olive Information Security team by monitoring the security tools, identifying security gaps, and evaluating and implementing enhancements.
- Actively assists with the development, growth and maintenance of Olive’s GRC infrastructure and tools; assists with detailed reporting on metrics and Olive’s security risk posture.
- Updates job knowledge by tracking and understanding emerging security practices and standards in the healthcare industry, participating in educational opportunities, reading professional publications, maintaining personal networks and participating in professional organizations.
- Enhances department and organization reputation by accepting ownership for accomplishing new and different requests and exploring opportunities to add value to job accomplishments.
Qualifications:
- A CISSP or equivalent experience or certification is required.
- Experience with Microsoft Excel, reporting, data mapping
- Experience with some or all of HITRUST, SOC 2, NIST, ISO 27001 frameworks strongly preferred
- Experience with enterprise level network protocols, communication protocols, monitoring tools and penetration testing.
- Experience with vulnerability management.
- Experience with risk management and risk mitigation techniques
- Experience with and understanding of secure software development practices and secure coding.
- Reporting on research results and analyzing Information
- Excellent communication skills, presentation abilities to management, ability to carry out management level discourse.
Benefits
Disclaimer:
This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change or new ones may be assigned.
This job description does not constitute a contract of employment and Olive AI, Inc. may exercise its employment-at-will rights at any time.
Benefits:
We take the health and happiness of our employees seriously and consistently evaluate new ways to provide an amazing place to work. From retirement planning, to a wellness program designed to actively incorporate mental and physical wellness into daily interactions amongst fellow Olivians, we make sure to take care of our own.
- Health, Dental, and Vision insurance that starts on your first day at Olive with 100% of premiums covered for team members and 75% covered for dependents
- Monthly Grid stipend to cover work related expenses
- Unlimited PTO
- Telemedicine
- EAP/Mental health resources
- Getaways by Marriott Bonvoy
- Family-building and fertility support via Kindbody
- 12 weeks of parental leave
- 401(K) match
- Wellness program
- Stock Options
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: CISSP Compliance Firewalls HIPAA HITRUST Incident response Intrusion detection ISO 27001 Monitoring NIST Pentesting Risk management SOC 2 VPN Vulnerability management
Perks/benefits: 401(k) matching Career development Equity Fertility benefits Health care Parental leave Team events Unlimited paid time off Wellness
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Security Operations Engineer jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Information Security Specialist jobs
- Open Manager Pentest H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Senior Information Security Analyst jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Cybersecurity Consultant jobs
- Open Chief Information Security Officer jobs
- Open Senior Information Security Engineer jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open IT Security Engineer jobs
- Open CISM-related jobs
- Open ISO 27001-related jobs
- Open Network security-related jobs
- Open Application security-related jobs
- Open Windows-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open DevOps-related jobs
- Open Security assessment-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open Malware-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open DevSecOps-related jobs
- Open CEH-related jobs