Senior Cybersecurity Architect

Company Description

Privia Health™ is a national physician platform transforming the healthcare delivery experience. We provide tailored solutions for physicians and providers, creating value and securing their future. Through high-performance physician groups, accountable care organizations, and population health management programs, Privia works in partnership with health plans, health systems, and employers to better align reimbursements to quality and outcomes.

Job Description

As the Senior Cybersecurity Architect, you will function as the senior technical talent and subject matter expert for technical controls in the organization. In close collaboration with the CISO you will be responsible for designing and implementing robust security frameworks, strategies, and best practices to safeguard sensitive data and assets and comply with relevant regulations like HIPAA, SOX, PCI, and HITRUST. Your technical acumen and expertise in cloud platforms such as Google Cloud Platform (GCP), Amazon Web Services (AWS), and/or Microsoft Azure, software-as-a-service models, and infrastructure security will be essential in building a secure and scalable cloud infrastructure. You will be expected to provide tactical, technical direction, mentorship, and guidance to the security and other technical teams while collaborating with executive leadership, compliance, and legal to drive security initiatives that align with the company's overall vision and objectives. This technical leadership role is a key contributor to team culture and morale and is responsible for working with the leadership team to build a scalable, sustainable team and fostering an environment that attracts and retains top talent through technical leadership and mentorship.

• Cloud Security Architecture: Develop and maintain a comprehensive security architecture for our cloud-based products and services, encompassing public cloud infrastructure (GCP, AWS, and Azure) and our Software as a Service (SaaS) platforms. Ensure that security measures are integrated into every aspect of our cloud infrastructure.

• Security Architecture Review: Perform security architecture reviews and provide guidance to engineering and development teams to ensure that security is embedded throughout the software development life cycle (SDLC).
   
• Identity Access Management and Governance: In collaboration with the Senior Manager of Access and Data Management and the CISO develop and implement robust Identity and Access Management (IAM) strategies and policies to ensure secure authentication and authorization processes. Review the design and management of identity and access controls, Assist in efforts to establish and maintain a comprehensive governance framework for security policies, procedures, and controls. Advise on automated identity lifecycle management processes to enhance efficiency and reduce security risks associated with manual tasks.
   
• Incident Response and Threat Management: In collaboration with the CISO, develop and maintain incident response plans and procedures to address security breaches, malware incidents, and other security-related events. Function as the technical lead on our Cybersecurity Incident Response Team (CSIRT) and coordinate the technical response in the event of a cybersecurity incident. Coordinate with the technical teams to promptly and effectively mitigate threats.
   
• Regulatory Compliance - Technical Controls: In collaboration with the CISO and other leaders of the Product and Technology department, develop technical controls to ensure compliance with industry-specific regulations, including but not limited to the Sarbanes-Oxley Act (SOX), Health Insurance Portability and Accountability Act (HIPAA), PCI, Healthcare Cybersecurity Best Practices 405(d), and HITRUST. Experience in ISOO 27001, SOC1, and/or SOC2 is a plus.

• Security Policies and Procedures: In collaboration with the CISO, develop and maintain security policies, standards, and procedures, ensuring alignment with industry best practices and regulatory requirements. Regularly review and update these policies as needed.

Executive Presence: Must possess excellent communication and presentation skills. Will regularly report to senior executives, boards, customers, and potential customers sensitive and challenging information. Must be able to distill complex concepts into effective executive and customer-ready summaries. 

Qualifications

• Certified Information Systems Security Professional (CISSP) or equivalent work/education experience
• 12+ years of progressive experience in technical engineering and architecture roles
• Experience managing, architecting, and securing infrastructure  in on-premise and cloud environments (GCP, AWS, Azure) and software-as-a-serve or hosted application environments
• Deep understanding of Information Security Best Practices
• 3+ years of experience architecting solutions in the cloud (GCP, AWS, Azure), including Windows, Linux, and networking
• Must comply with HIPAA rules and regulations

Preferred Qualifications:

• Experience in a SOX-compliant organization
• Experience collaborating with Development Operations teams to streamline Infrastructure Operations and managing infrastructure as a code
• Experience working in a Managed Service Provider like organization
• Identity Access Management and Governance experience (preferably Sailpoint)

"The salary range for this role is $100,000.00 to $125,000.00 in base pay and exclusive of any bonuses or benefits. This role is also eligible for an annual bonus targeted at 15% and restricted stock units based on performance in the role. The base pay offered will be determined based on relevant factors such as experience, education, and geographic location."

Additional Information

Technical Requirements (for remote workers only, not applicable for onsite/in office work):

In order to successfully work remotely, supporting our patients and providers, we require a minimum of 5 MBPS for Download Speed and 3 MBPS for the Upload Speed. This should be acquired prior to the start of your employment. The best measure of your internet speed is to use online speed tests like https://www.speedtest.net/. This gives you an update as to how fast data transfer is with your internet connection and if it meets the minimum speed requirements. Work with your internet provider if you have questions about your connection. Employees who regularly work from home offices are eligible for expense reimbursement to offset this cost.

Privia Health is committed to creating and fostering a work environment that allows and encourages you to bring your whole self to work. Privia is a better company when our people are a reflection of the communities that we serve. Our goal is to encourage people to pursue all opportunities regardless of their age, color, national origin, physical or mental (dis)ability, race, religion, gender, sex, gender identity and/or expression, marital status, veteran status, or any other characteristic protected by federal, state or local law.