Principal Cybersecurity Architect

Fairview has an opportunity for an experienced visionary Principal Cybersecurity Architect to join our healthcare organization. As a Principal Cybersecurity Architect focused on Cybersecurity, you will be responsible for developing and maintaining the enterprise architecture strategy and roadmap for our organization. You will work closely with our senior leadership team to align our technology investments with our business objectives, and to ensure that our systems and solutions are integrated, scalable, and secure.

The ideal candidate will have extensive experience in enterprise architecture, cybersecurity, knowledge of healthcare industry standards and regulations, and a deep understanding of technology trends and emerging technologies. As a member of our team, you will play a critical role in shaping the future of our organization and delivering high-quality care to our patients. This role is accountable for budget responsibilities and team member leadership.

• Develop and maintain the enterprise cybersecurity and risk management architecture strategy and roadmap for our organization.
• Manage a team of architects. Responsible for the budget, and staff recruitment, performance, engagement, and retention.
• Work closely with CISO and other cybersecurity leadership to align our security technology investments with our business objectives.
• Define and maintain our enterprise cybersecurity architecture standards and guidelines.
• Provide leadership and guidance to our IT, security, and infrastructure teams.
• Ensure that our systems and solutions are integrated, scalable, and secure.
• Remain current with new cybersecurity threats and assess systems to ensure they can defend the business. Stay on top of new and disruptive trends in the security industry.  Formally communicate trends to EA and CISO. 
• Adise CISO and leadership team in vendor/product/service selection, assist in educating and persuading business and operational leaders with adoption of security controls.
• Own development of rolling 18-month cycle to achieve To-Be architecture for Cybersecurity and risk management. Review vendor technology roadmaps into cybersecurity domain roadmaps to ensure continuous improvements to cyber domain operations, including cost-to-serve and other financial KPIs.
• Oversee development and maturity of Cybersecurity response, containment, recovery and restore playbooks for the enterprise.
• Partner with office of CISO to deploy Enterprise and Cyber Resiliency processes, procedures and methods.
• Oversee development and maintenance of blueprint of Disaster Recovery of critical business systems from Cyber induced disaster events.
• Partner with IT, Applications, Operations, IT GRC, Cybersecurity and other teams to simulate a Cybersecurity disaster and recovery drills, tabletop exercises. Partner with CISO to document gaps and drive collaboration to remediate.
• Partner with CISO to develop cohesive strategy to implement frictionless security controls and achieve industry certifications, such as HITRUST, SOC-II
• Partner with CISO to develop implementable roadmap to deploy controls aligning to security industry best practices, such as Zero Trust Network Access, Defense in Depth.
• Stay up-to-date with emerging technologies and industry trends.
• Drive innovation and continuous improvement in our technology landscape.
• Collaborate with our IT and security teams to ensure that our technology investments comply with healthcare industry standards and regulations.
• Conduct architecture assessments and provide recommendations for improvement.
• Develop and maintain architecture-related policies and procedures.
• Provide guidance and support for technology procurement and vendor management.

Artifacts accountable for:

• All artifacts prescribed by MHF’s EA framework, appropriately phased for priority.

Required  

Education           

• Bachelor’s degree in computer science, information technology or related field or equivalent combination of education/experience

Experience:

• Minimum of 10 years of experience in enterprise architecture.
• Experience with leading teams and complex projects.Strong leadership, coaching and mentoring of resources in architecture functions.
• Knowledge of healthcare industry standards and regulations.
• Strong understanding of technology trends and emerging technologies.
• 5 years of experience with developing and implementing enterprise cybersecurity and risk management architecture strategies and roadmaps.
• Experience with security risk management frameworks such as NIST-CSF, HITRUST, MITRE and compliance certifications such as HIPAA, PCI-DSS, SOC-II.
• 2 years developing and maturing EcoSystem driven frameworks.
• Excellent problem-solving and critical thinking skills.
• Excellent written and verbal communication skills.
• Ability to work independently and in a team environment

License/Certification/Registration

• Certification in at least one of the common architecture frameworks (TOGAF, Zachman, DODAF, FEAF or FEAC)

Preferred:

Education:

•  Advanced degree in computer science, information technology or related

Experience:

• 10 years of experience in enterprise architecture or similar roles
• Direct hands-on experience with Teams, DevOps, Rally, JIRA, Confluence and other productivity tools
• In-depth knowledge of and proven cloud experience with multi-cloud solutions and hybrid business intelligence stacks
• Experience with Cyber risk quantification methodologies.
• Experience with healthcare data terminologies, high-performance computing
• Experience with App Orchard

License/Certification/Registration

• Certifications in multiple common architecture frameworks such as TOGAF, Zachman, DODAF, FEAF, FEAC is preferred.
• Security industry certifications, such as CISSP, CISM etc.