Cyber Security Architect - Data Protection

Community Health Systems is one of the nation’s leading healthcare providers. Developing and operating healthcare delivery systems in 40 distinct markets across 15 states, CHS is committed to helping people get well and live healthier. CHS operates 71 acute-care hospitals and more than 1,000 other sites of care, including physician practices, urgent care centers, freestanding emergency departments, occupational medicine clinics, imaging centers, cancer centers and ambulatory surgery centers.

Essential Duties and Responsibilities

• Define and document a Security Reference Architecture (s) for Data Protection and/or Data Loss Prevention (DLP) capabilities at the enterprise level including Data-In-Motion, Data- In-Use, and Data-At-Rest, Cryptographic Services, and Strategy and Governance utilizing the NIST – CSF and NIST SP-800.53 publications as guiding principles.
• Create Data Protection “Implementation Patterns” for Data-In-Motion, Data-In-Use, and Data-At-Rest that can be utilized by project teams when needed.
• Aid in the development and maintenance of Data Protection security standards based on National Institute of Standards and Technology (NIST) recommendations, specifically NIST 800-53
• Lead multiple projects focused on the implementation of new Data Protection and/or Data Loss Prevention (DLP) tooling that identify, monitor, and protect; Data-In-Motion, Data-In-Use, and Data-At-Rest at CHS.
• Responsible for thoroughly documenting all Data Protection and/or Data Loss prevention (DLP) tooling from an Architecture perspective including the creation of Solution Architecture documents, Architecture Decision documents, Operations Manual documents, and other work-products.
• Partner with Back Office – Data Protection team to develop, implement, and (where needed) enhance enterprise information security Data Protection/Data Loss Prevention (DLP) architectures and solutions.
• Partner with Back Office – Data Protection team to develop and maintain specific Data Protection/Data Loss Prevention (DLP) capability and technology roadmaps for Data-In- Motion, Data-In-Use, and Data-At-Rest.
• Ability to “flex” between multiple IT/Cyber Security domains (IAM, Network Security, Cloud Security, etc.) depending upon Architectural Demand and team availability.
• Business and Soft Skill expectations:
  • Communicate and interact effectively and professionally with co-workers, management, customers, etc.
  • Maintain complete confidentiality of company business.
  • Communicate with management regarding development within areas of assigned responsibilities and perform special projects as required or requested.

Qualifications:

• Required Education: High school diploma
• Preferred Education: Bachelor’s or Master’s Degree in Cyber Security, Computer Science, Information Systems (or other related field), or equivalent work experience.
• Required Experience:
  • 15+ years of IT or information security
  • 5+ years of Data Protection
  • Activities:
    • Designed and implemented Data Protection and/or Data Loss Prevention technologies within “on-premise” and/or 3rd Party cloud platforms.
    • Served as architecture or expert thought leader for Data Protection technology and influenced the strategy to address internal or external business and regulatory issues with respect to protection of sensitive data.
    • Worked in process-driven structured environments, and participated in process optimization activities.
  • Competencies:
    • Advanced knowledge of security principles, issues, and Data Protection techniques and/or Data Loss Prevention implementations across “on-premise” and/or 3rd Party cloud platforms.
    • Proactive identification and solving of complex problems
    • Strong understanding of systems development lifecycle to provide technical leadership for multifunctional projects or initiatives.
    • Effective communication of technical concepts to a non-technical audience.
    • Excellent written and verbal communication skills
• Preferred License/Registration/Certification:
  • CISSP
  • CCSP
  • GCSA
• Computer Skills Required: Productivity suite software

Physical Demands:
In order to successfully perform this job, with or without a reasonable accommodation, the following are outlined below:

• The Employee is required to read, review, prepare and analyze written data and figures, using a PC or similar, and should possess visual acuity.
• The Employee may be required to occasionally climb, push, stand, walk, reach, grasp, kneel, stoop, and/or perform repetitive motions.
• The Employee is not substantially exposed to adverse environmental conditions and; therefore, job functions are typically performed under conditions.