Director InfoSec Enterprise Architecture and Engineering

Telecommuter

Applications have closed

Planned Parenthood

Planned Parenthood Federation of America is a nonprofit organization that provides sexual health care in the United States and globally.

Planned Parenthood Federation of America (PPFA) is the national umbrella organization for the nation’s leading network of women’s health care providers, educators, and advocates, serving women, men, teens and families. Planned Parenthood Action Fund (PPAF) is the advocacy and political arm of PPFA. For over 100 years, Planned Parenthood has done more than any other organization in the United States to improve women’s health and safety, prevent unintended pregnancies, and advance the right and ability of individuals and families to make informed and responsible health care decisions.  
Planned Parenthood Federation of America (PPFA) seeks a dynamic and effective enterprise architect and engineer responsible for Information Security (InfoSec), with a focus on PPFA's commercial off-the-shelf (COTS) software. This job reports directly to the Sr. Director, Architecture and Engineering in the InfoSec division of PPFA. The Office of the Chief Information Security Officer provides the strategy and implementation of the information security program that safeguards the data entrusted to Planned Parenthood by its patients, supporters, donors and staff.

Purpose

  • The Director InfoSec Enterprise Architecture and Engineering holds a multi-disciplinary position in the Information Security team and is expected to have a thorough understanding of complex systems and to stay up to date with the latest architecture and engineering security standards, systems, and authentication protocols, as well as best-practice security products. The role is responsible for fostering trusted partnerships and relationships with the PPFA business application owners. This requires knowing the business and our digital strategy, and having a comprehensive awareness of its technology and information needs. This knowledge is ultimately used to ensure all COTS software has the appropriate security controls, so that risks are identified and appropriate controls are implemented to protect the confidentiality of information, integrity of data, and availability of services.

Delivery

  • Foster trusted partnerships and relationships with owners of key business products (e.g., Information Technology, Managed Service Provider, Human Resources, Finance, Data Analytics, etc.)
  • Design and implement InfoSec controls that support the PPFA COTS (e.g., Tableau, Salesforce, Sage, Radix, etc.)
  • Ensure InfoSec best practices for the management of COTS in the AWS, GSuite, and Azure environments
  • As InfoSec SME for COTS, you will be responsible for drafting and updating COTS policies and standards
  • Annually, reassess the business to ensure risks are identified and appropriate controls are designed and implemented to protect the confidentiality of information, integrity of data, and availability of services.
  • As SME, create, own, and update InfoSec policies, standards, and procedures (COTS), clarifying them when questions arise, and always be prepared to accurately discuss these policies. Track risk acceptance not in line with policies, standards, and procedures.
  • Design and implement information security solutions that are scalable and easy to adapt with changing business requirements.
  • Working as a subject matter expert (SME) team member, formulate an information security strategy that will allow the business to achieve its objectives while designing controls that are both effective and efficient
  • Manage and support complex security projects and other strategic security initiatives, in support of our digital and business priorities

Engagement

  • The Director Enterprise Architecture and Engineering will engage with senior, chief, and executive level staff and, as required, lead and mentor direct and indirect reports.
  • SME and owner of the InfoSec COTS engineering and architecture domain
  • Works independently with affiliates, InfoSec shared services, vendors and product managers, vendor account managers, vendor account support representatives, and purchasing to achieve the company's major business objectives.
  • Develop and maintain relevant engineering and architecture metrics to assess system and data integrity.
  • Create and present architecture designs depicting environments both existing and proposed
  • Understand client’s business initiatives and requirements and map these business needs into technical and security architecture.
  • Provide assessment services, compliance audits, security consulting and advisory services.

Knowledge, Skills and Abilities (KSAs)

  • Reporting to the Sr. Director Architecture and Engineering, be part of our SME leadership team.
  • Prior experience with enterprise architecture and engineering processes, standards, and strategies is required
  • AWS Certified DevOps, SysOps, or Solutions Architect associate or professional required
  • Experience drafting policy and standards
  • PM Experience for a large implementation/migration project (10+ user team)
  • Bachelor’s degree and 6+ years of broad-based information security experience, with expertise in the following areas: security operations/ administration, incident response, controls review, and risk management
  • Develop and maintain relevant metrics to assess system and data integrity, including release planning, sprint planning, execution, quality, and cadence management
  • Strong executive presence, communication, and collaboration skills with executive and senior leaders.
  • Practical experience with modern information security and cybersecurity technologies, including but not limited to strong authentication, network security, endpoint security, cloud/SaaS/PaaS security, security information and event management, user behavior analytics, vulnerability management, information assurance, security operations, anti-DDoS, privacy, and regulatory compliance

Travel

  • 10% travel for conferences and annual team meetings
Salary: $145K
Final offers for this job will be based on capabilities and will be made within the parameters of the PPFA compensation program. Total offer package to include generous vacation + sick leave + paid holidays, individual/family provided medical, dental and vision benefits effective day 1, life insurance, short/long term disability, paid family leave and 401k. We also offer voluntary opt in for Flexible Spending Account (FSA) and Transportation/Commuter accounts.   
We value a truly diverse workforce and a culture of inclusivity and belonging. Our goal is to attract qualified candidates and encourage applications from all individuals without regard to race, color, religion, sex, national origin, age, disability, veteran status, marital status, sexual orientation, gender identity, or any other characteristic protected by applicable law.  We're committed to creating a dynamic work environment that values diversity and inclusion, respect and integrity, customer focus, and innovation.
PPFA participates in the E-Verify program and is an Equal Opportunity Employer

Tags: Analytics Audits AWS Azure Cloud Compliance DDoS DevOps Endpoint security Finance Incident response Network security PaaS Privacy Risk management SaaS Security strategy Strategy Vulnerability management

Perks/benefits: Conferences Flex hours Flexible spending account Flex vacation Health care Insurance Medical leave

Region: Remote/Anywhere