Information Security Architect I, II, Sr, Lead - Renton, United States - Valley Medical Center

Valley Medical Center Renton, United States

4 weeks ago

Show more Collapse job

Full time

Description

Job Description:

JOB DESCRIPTION

The position description is a guide to the critical duties and essential functions of the job, not an all-inclusive list of responsibilities, qualifications, physical demands, and work environment conditions. Position descriptions are reviewed and revised to meet the changing needs of the organization.

TITLE: Information Security Architect I, II, Sr, Lead

JOB OVERVIEW: Responsible for ensuring the confidentiality, integrity, and availability (CIA) of VMC computer systems and information to safeguard personnel and patient safety, while also maintaining compliance with HIPAA, PCI-DSS, cybersecurity industry best practices, frameworks, and standards.

DEPARTMENT: Informational Technology

WORK HOURS: Typically, Monday - Friday; Hours may vary to meet departmental needs.

REPORTS TO: Supervisor, Information Security

PREREQUISITES:

Level I:

Education: Master's degree in computer science related field, OR Bachelor's degree in computer science related field plus one (1) year industry related experience, OR Associate's degree in computer science related field plus two (2) years industry related experience, OR three (3) years industry related experience.

Certification: Entry-level information security certification from a cybersecurity industry standard such as (ISC)2, OffSec, EC-Council, GIAC, CompTIA, and other related certifications on approval, OR be able to obtain one within one (1) year of hire date.

Applied Job Experience: Information Security Background: Industry experience preferred as a Cybersecurity Practitioner, Security Operations Center (SOC) Analyst, Risk Assessment Auditor, Penetration Tester, Incident Response Handler, or Computer Forensics Investigator. Experience as a Service Desk Agent, Help Desk Agent, Desktop Support Technician, Identity Access Analyst, Systems Administrator or Network Engineer to be considered as time towards.

Level II:

Education: Master's degree in computer science related field plus two (2) years industry related experience, OR Bachelor's degree in computer science related field plus three (3) years industry related experience, OR Associate's degree in computer science related field plus four (4) years industry related experience, OR five (5) years industry related experience.

Certification: Intermediate-level information security certification from a cybersecurity industry standard such as (ISC)2, OffSec, EC-Council, GIAC, CompTIA, and other related certifications on approval. Current certification required.

Applied Job Experience: Information Security Background: Industry experience preferred as a Cybersecurity Practitioner, Security Operations Center (SOC) Analyst, Risk Assessment Auditor, Penetration Tester, Incident Response Handler, or Computer Forensics Investigator. Experience as a Systems Administrator or Network Engineer to be considered up to three (3) years as time towards.

Level Sr:

Education: Master's degree in computer science related field plus four (4) years industry related experience, OR Bachelor's degree in computer science related field plus five (5) years industry related experience, OR Associate's degree in computer science related field plus six (6) years industry related experience, OR seven (7) years industry related experience.

Certification: Advanced-level information security certification from a cybersecurity industry standard such as (ISC)2, OffSec, EC-Council, GIAC, CompTIA, and other related certifications on approval. Current certification required.

Applied Job Experience: Information Security Background: Industry experience preferred as a Cybersecurity Practitioner, Security Operations Center (SOC) Analyst, Risk Assessment Auditor, Penetration Tester, Incident Response Handler, or Computer Forensics Investigator. Experience as a Systems Administrator or Network Engineer to be considered up to three (3) years as time towards.

QUALIFICATIONS:

Working knowledge with scripting languages and automation such as Python, PowerShell, etc.

Working knowledge with securing cloud computing and cloud services such as Azure and AWS.

Working knowledge with securing operating system environments such as Windows, Mac, Linux, etc.

Working knowledge with securing networking, wireless and virtual environments.

Working knowledge with subnetting, segmentation, and zero-trust zones.

Professional experience with PKI/certificate authority and OpenSSL.

Professional experience with SEG, NGFW, AV and EDR.

Professional experience with various SIEMs and SOC management.

Professional experience with multi factor authentication implementation.

Familiarity with security compliance standards such as HIPAA, PCI-DSS, GDPR, etc.

Familiarity with security frameworks such as HITRUST, NIST, OWASP, ISO 27000, SANS CIS 20, STIGs, ITIL, etc.

Familiarity with the full stack OSI model, as well as TCP/IP protocol suite.

Familiarity with vulnerability management and patch cycles.

Familiarity with risk assessments, pen-tests, table-top exercises, BCDR, and change management.

Familiarity with writing and implementing IT policy, CSIRT plans, and training & awareness programs.

UNIQUE PHYSICAL/MENTAL DEMANDS, ENVIRONMENT AND WORKING CONDITIONS:

Requires ability to move items and equipment weighing up to 70 lbs.

Requires ability to appropriately manage and handle highly confidential information.

Requires ability to remain focused, self-motivated, and initiative-taking while working independently or on a team, regardless of working onsite or remotely with little to no instruction.

Requires planning, organizing, and working on multiple tasks at one time with tight time constraints.

Requires ability to identify the most important tasks and prioritize accordingly.

Requires ability to implement a logical and structured approach to time management.

Requires ability to demonstrate a high level of professionalism and show respect to all co-workers, patients, business partners, and members of the public.

Requires ability to demonstrate a strong collaborative mindset, share knowledge, and function as a contributing member of the team.

Requires ability to work effectively with all levels of the organization and broad technical understanding, while providing excellent customer service.

Requires ability to demonstrate a high level of communication skills, both verbal (meeting organizer, training, etc.) and written (E-mail, IT policy, documentation, etc.) to C-level executives, auditors, end users, and engineers.

Requires ability to quickly learn, conduct own research as necessary, and retain information.

Requires ability to quickly understand information systems to identify and validate security requirements.

Requires ability to stay up to date on all current cybersecurity events and zero-day exploitations.

Requires ability to demonstrate strong critical-thinking and problem-solving skills.

Requires ability to demonstrate acute attention to detail.

PERFORMANCE RESPONSIBILITIES:

Level I:

Monitor all security solutions, investigate all alerts, and respond appropriately to all identified threats, incidents, and/or compromise.

Monitor the ticket queue, attempt first tier support, and escalate as needed.

Provide excellent customer service.

Assist staff with access related issues.

Provide certificate assistance to other teams as needed.

Document all team related procedures and resources to include notes, training, templates, knowledge bases, databases, change control and SOPs.

Perform performance maintenance and patch management on all security tools and databases.

Provide IT policy guidance to assist staff with security compliance.

Assist and take instruction from higher-level analysts with duties and responsibilities as assigned.

Level II: (In addition to responsibilities for level I)

Configure, manage, and operate all security tools to include firewalls, AV, SIEMs, SEG, PKI, etc.

Conduct internal risk assessments.

Research, recommend, and implement changes to procedures, systems, or infrastructure to enhance security and/or address non-compliance with information security standards.

Review and recommend updates all team related procedures and resources to include notes, training, templates, knowledge bases, databases, change control and SOPs.

Research and recommend patching for known threats and zero-day vulnerabilities.

Research new technology requests and recommend appropriate security guidance.

Provide security training and implement awareness campaigns to help educate staff.

Assist and provide guidance to lower-level analysts with assigned duties and responsibilities.

Assist and take instruction from senior-level analysts and supervisor with duties and responsibilities as assigned.

Level Sr: (In addition to responsibilities for level II)

Design, engineer, and architect all aspects of network, endpoint, and infrastructure security.

Conduct threat hunting within our internal environment.

Perform HR approved internal audits.

Recommend new technology and tools to advance the overall security posture and adapt to the emerging threat landscape of our environment.

Research and recommend updates to enterprise security documents, including policies, standards, baselines, guidelines, and procedures.

Manage the risk registry and provide appropriate recommendations and accountability.

Design training and awareness material.

Assist and provide guidance to lower-level analysts with assigned duties and responsibilities.

Assist and take instruction from supervisor and/or team lead with duties and responsibilities as assigned.

Team Lead: (In addition to responsibilities for level Sr)

Assign prioritization, tasks, tickets, and projects to team members.

Assign support matrix roles to team members.

Manage the team calendar.

Set agenda and run team meetings.

Perform assessments and attestations.

Provide all necessary periodic reports and urgent updates to the supervisor.

Coordinate operations and licensing renewals with third-party vendors and business partners.

Assist and provide guidance to lower-level analysts with assigned duties and responsibilities.

Assist and take instruction from supervisor with duties and responsibilities as assigned.

Reviewed: 01/20

Revised: 12/23

Grade: NCNM 25, 27, 29

FLSA: E

CC: 8552

Job Qualifications:

PREREQUISITES:

Level I:

Level II:

Applied Job Experience: Information Security Background: Industry experience preferred as a Cybersecurity Practitioner, Security Operations Center (SOC) Analyst, Risk Assessment Auditor, Penetration Tester, Incident Response Handler, or Computer Forensics Investigator. Experience as a Systems Administrator or Network Engineer to be considered up to three (3) years as time towards.

Level Sr:

Applied Job Experience: Information Security Background: Industry experience preferred as a Cybersecurity Practitioner, Security Operations Center (SOC) Analyst, Risk Assessment Auditor, Penetration Tester, Incident Response Handler, or Computer Forensics Investigator. Experience as a Systems Administrator or Network Engineer to be considered up to three (3) years as time towards.

QUALIFICATIONS:

Working knowledge with scripting languages and automation such as Python, PowerShell, etc.

Working knowledge with securing cloud computing and cloud services such as Azure and AWS.

Working knowledge with securing operating system environments such as Windows, Mac, Linux, etc.

Working knowledge with securing networking, wireless and virtual environments.

Working knowledge with subnetting, segmentation, and zero-trust zones.

Professional experience with PKI/certificate authority and OpenSSL.

Professional experience with SEG, NGFW, AV and EDR.

Professional experience with various SIEMs and SOC management.

Professional experience with multi factor authentication implementation.

Familiarity with security compliance standards such as HIPAA, PCI-DSS, GDPR, etc.

Familiarity with security frameworks such as HITRUST, NIST, OWASP, ISO 27000, SANS CIS 20, STIGs, ITIL, etc.

Familiarity with the full stack OSI model, as well as TCP/IP protocol suite.

Familiarity with vulnerability management and patch cycles.

Familiarity with risk assessments, pen-tests, table-top exercises, BCDR, and change management.

Familiarity with writing and implementing IT policy, CSIRT plans, and training & awareness programs.

We have other current jobs related to this field that you can find below

architect lead

6 days ago

Starbucks Seattle, United States

Job Description · Job Summary and Mission · As an architect lead within Starbucks Technology you will build and enhance global IT solutions that define how Starbucks delivers award winning consumer and partner experiences. Lead Architects are accountable for the conversion of b ...
architect lead

2 weeks ago

Starbucks San Francisco, United States Permanent

Job Summary and Mission · As an architect lead within Starbucks Technology you will build and enhance global IT solutions that define how Starbucks delivers award winning consumer and partner experiences. Lead Architects are accountable for the conversion of business need into a ...
architect lead

5 days ago

Starbucks Seattle, United States

Job Summary and Mission · As an architect lead within Starbucks · Technology · you will build and enhance global IT solutions that define how Starbucks delivers award winning consumer and partner experiences. Lead Architects are accountable for the conversion of business need i ...
Tech Leads and Solution Architects

6 days ago

The AES Group Bellevue, United States

Let's create our future together at The AES Group · Are you a hands-on technology architect with the strongest passion to inspire technology teams to be the best they can be and eventually grow a game-changing technology practice that transforms businesses? Are you ready to be p ...
Lead Application Architect

5 days ago

VeeRteq Solutions Inc. Seattle, United States

Job Description · Job DescriptionPosition: Lead Application Architect Location: Seattle,WA / Frisco, TXDuration: 6 Months Job Type: Contract Work Type: Onsite Job Description: We are seeking a highly skilled and experienced Application Architect to join our team. The ideal candi ...
Lead Application Architect

5 days ago

Tekwissen Seattle, United States

Overview: · TekWissen Group is a workforce management provider throughout the USA and many other countries in the world. Our client provider of digital technology and transformation, information technology and services · Position: Lead Application Architect · Location: Seattl ...
Architect/Lead Dev

2 weeks ago

Tech Mahindra / Microsoft Redmond, United States

Hi, · One of my direct client is looking for · Sr. Consultant - (Architect/Lead Dev) · in Redmond, WA. If you are interested, please share me your updated resume. · Title: Sr. Consultant - (Architect/Lead Dev) · Location: Redmond, WA · Direct Client: Microsoft · Skills: · ...
Architect/Lead Dev

1 week ago

Tech Mahindra / Microsoft Redmond, United States

Hi, · One of my direct client is looking for · Sr. Consultant - (Architect/Lead Dev) · in Redmond, WA. If you are interested, please share me your updated resume. · Title: Sr. Consultant - (Architect/Lead Dev) · Location: Redmond, WA · Direct Client: Microsoft · Skills: · ...
Full Time GCP Lead/Architect

3 weeks ago

E-Solutions Seattle, United States Full time

Position : GCP Architect/Lead · Location : Seattle, WA · Work Type : Full Time Only · Job Responsibilities : · Proficiency in programming languages such as Python (very essential) and PySpark. –Must Have · Dimensional Modelling skills. -Good to Have · Competence in PL SQL and SQL ...
architect lead – Partner/Workforce Management

2 weeks ago

Starbucks Seattle, United States

Job Summary andMission As an architect lead within StarbucksTechnology you will build and enhance global ITsolutions that define how Starbucks delivers award winning consumerand partner experiences. Lead Architects are accountable for theconversion of business need into archite ...
SAP S/4HANA Technical Lead/ Architect

2 weeks ago

LTI Mindtree Seattle, United States

About Us: · LTIMindtree is a global technology consulting and digital solutions company that enables enterprises across industries to reimagine business models, accelerate innovation, and maximize growth by harnessing digital technologies. As a digital transformation partner to m ...
Lead Solutions Architect

2 weeks ago

PingCAP Seattle, United States

Join us as we scale our business in NA/EMEA by building on our tremendous success around the world. The massive database market is going to double over the next few years (the IDC estimates it to be $119B+ by 2025) and PingCAP is a global player positioned as a major disruptor wi ...
Full Time GCP Lead/Architect

1 week ago

E-Solutions Seattle, United States Full time

Position : GCP Architect/Lead · Location : Seattle, WA · Work Type : Full Time Only · Job Responsibilities : · - Proficiency in programming languages such as Python (very essential) and PySpark. –Must Have · - Dimensional Modelling skills. -Good to Have · - Competence in PL SQL ...
Full Time GCP Lead/Architect

1 week ago

E-Solutions Seattle, United States Full time

Position : GCP Architect/Lead · Location : Seattle, WA · Work Type : Full Time Only · Job Responsibilities : · - Proficiency in programming languages such as Python (very essential) and PySpark. Must Have · - Dimensional Modelling skills. -Good to Have · - Competence in PL ...
architect lead – Partner/Workforce Management

3 weeks ago

Starbucks Seattle, United States

· Job Summary and Mission · As an architect lead within Starbucks · Technology · you will build and enhance global IT solutions that define how Starbucks delivers award winning consumer and partner experiences. Lead Architects are accountable for the conversion of business need ...
Full Time GCP Lead/Architect

3 weeks ago

E-Solutions Seattle, United States Full time

Position : GCP Architect/Lead · Location : Seattle, WA · Work Type : Full Time Only · Job Responsibilities : · Proficiency in programming languages such as Python (very essential) and PySpark. Must Have · Dimensional Modelling skills. -Good to Have · Competence in PL SQL an ...
Senior Data Solution Architect

1 week ago

Boeing Renton, United States Full time

Job Description · Qualifications: The Boeing Company is currently seeking a Senior Data Solution Architect to join the team in either Everett, WA; Auburn, WA; Kent, WA; Renton, WA; Seattle, WA; or Tukwila, WA . · The Data Solution Architect will have a passion for building ...
Sr Android Developer

3 weeks ago

Hasbro Renton, United States

At Wizards of the Coast, we connect people around the world through play and imagination. From our genre-defining games like Magic: The Gathering and Dungeons & Dragons to our growing multiverse, we continue to innovate and build new ways to foster friendship and connection. That ...
Territory Sales Manager

3 weeks ago

Associated Materials Tukwila, United States Full time

Territory Sales Manager · Since 2022, Associated Materials / Alside has been undergoing a transformation to maximize our potential through investments in people, operations, and brands. · If you want to be part of a company where your ideas and input are more than just encouraged ...
ASIC and/or FPGA Design

2 weeks ago

Boeing Tukwila, United States Full time

Job Description · Qualifications: Boeing Space, Intelligence & Weapons Systems has an exciting opportunity for multiple ASIC and/or FPGA Design and Verification Engineers at Entry Level, Associate and Experienced levels to join us as part of our Boeing Electronic Products team a ...