Information Security Architect (Open to Remote)

Olive’s AI workforce is built to fix our broken healthcare system by addressing healthcare’s most burdensome issues -- delivering hospitals and health systems increased revenue, reduced costs, and increased capacity. People feel lost in the system today and healthcare employees are essentially working in the dark due to outdated technology that creates a lack of shared knowledge and siloed data. Olive is designed to drive connections, shining a new light on the broken healthcare processes that stand between providers and patient care. She uses AI to reveal life-changing insights that make healthcare more efficient, affordable and effective. Olive’s vision is to unleash a trillion dollars of hidden potential within healthcare by connecting its disconnected systems. Olive is improving healthcare operations today, so everyone can benefit from a healthier industry tomorrow.

The Information Security Architect is responsible for designing, architecting, and testing various information security tools, systems, and controls within Olive’s environment. The Security Architect is responsible for determining security requirements for external and internal customers, testing security controls, preparing security standards, policies, and procedures and further the growth and maturity of Olive’s information security program.

The Security Architect is expected to have a thorough and deep understanding of various information security frameworks, complex enterprise systems, network protocols, in depth security defenses and stay up to date with the latest security standards, systems and best practices in the healthcare industry to maintain compliance with HIPAA, HITRUST and other required frameworks.

Requirements

• Enhances security team accomplishments and competence by planning team deliverables, answering technical and procedural questions for less experienced team members, teaching improved processes and mentoring team members.
• Determines security requirements by evaluating business strategies and requirements, researching information security standards for healthcare, conducting system security and vulnerability analyses and risk assessments, and preparing cost estimates.
• Develops requirements for Olive’s communication networks, virtual private networks (VPNs), routers, firewalls, and related security and network devices; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
• Implements security systems by specifying intrusion detection methodologies and equipment, directing equipment and software installation and monitoring, preparing preventive and reactive measures, creating, transmitting, and maintaining keys, providing advanced technical support when necessary and completing documentation.
• Verifies security systems by developing and implementing testing procedures and methodologies; planning and executing penetration test exercises.
• Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
• Maintains an ongoing relationship with Olive’s engineering and product development teams to assist with security integration in the product lifecycle.
• Assist the Olive Information Security team by monitoring the security tools, identifying security gaps, and evaluating and implementing enhancements.
• Actively assists with the development, growth and maintenance of Olive’s GRC infrastructure and tools; assists with detailed reporting on metrics and Olive’s security risk posture.
• Updates job knowledge by tracking and understanding emerging security practices and standards in the healthcare industry, participating in educational opportunities, reading professional publications, maintaining personal networks and participating in professional organizations.
• Enhances department and organization reputation by accepting ownership for accomplishing new and different requests and exploring opportunities to add value to job accomplishments.

Qualifications:

• A CISSP or equivalent experience or certification is required.
• Experience with Microsoft Excel, reporting, data mapping
• Experience with some or all of HITRUST, SOC 2, NIST, ISO 27001 frameworks strongly preferred
• Experience with enterprise level network protocols, communication protocols, monitoring tools and penetration testing.
• Experience with vulnerability management.
• Experience with risk management and risk mitigation techniques
• Experience with and understanding of secure software development practices and secure coding.
• Reporting on research results and analyzing Information
• Excellent communication skills, presentation abilities to management, ability to carry out management level discourse.

Benefits

Disclaimer:

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change or new ones may be assigned.

This job description does not constitute a contract of employment and Olive AI, Inc. may exercise its employment-at-will rights at any time.

Benefits:

We take the health and happiness of our employees seriously and consistently evaluate new ways to provide an amazing place to work. From retirement planning, to a wellness program designed to actively incorporate mental and physical wellness into daily interactions amongst fellow Olivians, we make sure to take care of our own.

• Health, Dental, and Vision insurance that starts on your first day at Olive with 100% of premiums covered for team members and 75% covered for dependents
• Monthly Grid stipend to cover work related expenses
• Unlimited PTO
• Telemedicine
• EAP/Mental health resources
• Getaways by Marriott Bonvoy
• Family-building and fertility support via Kindbody
• 12 weeks of parental leave
• 401(K) match
• Wellness program
• Stock Options