Information Security Architect - Philadelphia, United States - NBME

NBME
NBME
Verified Company
Philadelphia, United States

2 weeks ago

Mark Lane

Posted by:

Mark Lane

beBee recruiter
Description

POSITION OVERVIEW


The Information Security Architect brings an innovative, hands-on approach in evaluating and solutioning information security controls, recommending and identifying security measures to protect information against unauthorized data modification and exposure, access control, intrusion detection, malware protection, incident response, security engineering, are some of the areas that this position engages in on a regular basis.


Diversity, Equity, and Inclusion Statement


At NBME , we continue to innovate and improve how we fulfill the evolving needs of the health care community.

This commitment starts and ends with the people at NBME.

By recruiting and empowering talented individuals from various disciplines and backgrounds, which includes professionals with diverse life experiences, abilities, and perspectives, NBME can take a well-informed, robust approach to advancing medical education and assessment for years to come.

We also continue to focus on ensuring that our DEI work is impactful and ingrained in everything we do, including with our staff, workplace culture, products and services, the Philadelphia community and the broader medical education landscape.


RESPONSIBILITIES

  • Work with Solutions Architects in Information Technology and liaise with various other stakeholders and areas of the organization to ensure the appropriate level of security controls are in place to meet the needs of the business, the requirements of regulatory bodies, and industry best practices.
  • Develop/integrate cybersecurity designs for systems and networks with multilevel security requirements or requirements for the processing of multiple classification levels of data. Determine the protection needs (i.e., security controls) for the information system(s) and network(s) and document appropriately. Requires an understanding of attack vectors, current threats, and remediation strategies.
  • Ensure that acquired or developed system(s) and architecture(s) are consistent with organization's cybersecurity architecture guidelines.
  • Perform security reviews, identify gaps in security architecture, and develop a security risk management plan, including quantifying risk to the business.
  • Serve on various governance teams with a focus on DevSecOps and Cloud Security to ensure security is appropriately integrated and aligned with best practices.
  • Keeps abreast of current and emerging security technologies and threats.

DELIVERABLES (IF APPLICABLE)

  • Lead and develop security design and reference architecture on large enterprise projects.
  • Develop strategies and plans to enforce security requirements to address identified risks. Provide guidance and direction on best practices for the protection of information.
  • Perform threat models for internal and external systems (e.g., cloud services) and ensure the appropriate controls are designed into the services.
  • Research, evaluate, design, recommend and plan the implementation of new security controls to reduce the risk of data loss. Preemptively counter the possibility of system breach through unauthorized access of data.
  • Provide written analysis on security threats and recommended next steps.

QUALIFICATIONS

Skills and Abilities

  • Ability to design architectures and frameworks.
  • Knowledge of remote access technology concepts.
  • Excellent written and verbal communication and presentation abilities.
  • Orchestration of high priority security initiatives across multiple layers of management and heterogeneous departments.
  • A selfstarter who is able to perform independent research to support critical security decisions and to keep stakeholders informed of industry security trends.
  • Ability to quickly come up to speed on the cyber security aspects of new platforms you many not have experienced before

Experience

  • 10 years of experience; minimum of 5 years in cyber security.
  • Recent experience with reviewing AWS/Azure security, including authentication, identity configuration, key management systems, and API security is preferred.

Education

  • Bachelor's degree in an information technology related field or a combination of equivalent education and experience.
  • CISSP required. AWS SA, CCSK or similar certification desirable

About NBME:


NBME offers a versatile selection of high-quality assessments and educational services for students, professionals, educators, regulators and institutions dedicated to the evolving needs of medical education and health care.

To ensure our assessments meet the highest standards of quality, stay relevant and align to the current curriculum in medical schools and training programs, we rely on a wide network of collaborators.

These include the volunteers who help develop our exam questions, the committees and panels who represent various groups within the medical education community, external researchers and health profession organizations.

As a result of leadership in ongoing research, innovative me
More jobs from NBME
See all jobs of NBME