Cyber Security Architect - Defense Architect (Security Operations) (Remote)

Community Health System Franklin, TN 37064

Posted 4 weeks ago

Job Description

Community Health Systems is one of the nation's leading healthcare providers. Developing and operating healthcare delivery systems in 40 distinct markets across 15 states, CHS is committed to helping people get well and live healthier. CHS operates 71 acute-care hospitals and more than 1,000 other sites of care, including physician practices, urgent care centers, freestanding emergency departments, occupational medicine clinics, imaging centers, cancer centers and ambulatory surgery centers.

Summary:

As a member of the Cyber Architecture team, the Defense Architect will be responsible for leading a wide range of security architecture activities including the investigation, development, deployment, and maintenance of new capabilities that enhance the effectiveness of the Cyber Security Risk Management (CSRM) - Security Operations Center (SOC) in monitoring, detecting, analyzing, and responding to cyber threats and incidents that affect the enterprise.

The Defense Architect will serve as a security expert in the Security Operations space and is accountable for the development (in consultation with engineering) of a SOC strategy, security reference architecture, and corresponding SOC capability roadmaps in alignment with the National Institute of Standards and Technology (NIST) - Cyber Security Framework (CSF) and the NIST SP 800-53 controls, in specific areas including (but not limited to): Threat and Vulnerability Management (TAVM), Security Incident and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Endpoint Detection and Response (EDR), Network Detection and Response (NDR), Log Management, Threat Intelligence, and User Entity and Behavior Analytics (UEBA).

The Architect will guide technology platform decisions to reflect defined SOC capabilities and architectures, business impact and exposures, emerging threats, vulnerabilities, regulatory requirements, and risks. The Defense Architect will work with other Enterprise Architects, functional area architects (i.e., Network Security, IAM, Cloud Security, Data Protection, and Platform Security), project teams, and security specialists to ensure adequate SOC capabilities are in place throughout the enterprise, including CHS-owned facilities and data centers and 3rd party cloud IT systems and platforms, and will communicate the risks and solutions to business and IT partners.

Essential Duties and Responsibilities:

  • Define and document Security Reference Architecture(s)/Strategy(s) for Secure Operations Center (SOC) capabilities at the enterprise level, utilizing the NIST CSF, NIST SP 800-53, and OWASP publications as guiding principles.

  • Create Secure Operations Center (SOC) "Implementation Patterns" for SaaS, Web Applications, Mobile, Cloud-Native, API implementations, etc. so that these platforms are integrated into the SOC (SIEM/SOAR) to ensure proper Threat Monitoring and Incident Response.

  • Aid in the development and maintenance of Secure Operations Center (SOC) security standards based on National Institute of Standards and Technology (NIST) recommendations, specifically NIST SP 800-53.

  • Lead multiple projects focused on the implementation of new Secure Operations Center (SOC) capabilities, working closely with engineering to deploy security tooling, in alignment with those capabilities, that protects the CHS enterprise with respect to Threat Detection and Response.

  • Accountable for thoroughly documenting all Secure Operations Center (SOC) capabilities from an Architecture perspective including the creation of Reference Architecture documents, Architecture Strategic Direction documents, Capability Roadmaps, and other work-products.

  • Partner with Back Office - Cloud, Network Security, Platform Security, Data Protection, and Vulnerability Management team(s) to develop, implement, and (where needed) enhance enterprise Secure Operations Center (SOC) architectures and solutions.

  • Business and Soft Skill expectations:

      • Communicate and interact effectively and professionally with co-workers, management, customers, etc.

      • Maintain complete confidentiality of company business.

      • Communicate with management regarding development within areas of assigned responsibilities and perform special projects as required or requested.

Qualifications:

  • Required Education: High school diploma

  • Preferred Education: Bachelor's or Master's Degree in Cyber Security, Computer Science, Information Systems (or other related field), or equivalent work experience.

  • Required Experience:

      • Duration:

          • 10+ years of IT or information security, and

          • 5+ years of Security Operations Center

      • Activities:

          • Designed and implemented Security Operations technologies within "on premise" and/or 3rd Party cloud platforms.

          • Served as architecture or expert thought leader for Security Operations technology and influenced the strategy to address internal or external business and regulatory issues with respect to protection of sensitive data.

          • Worked in process-driven structured environments, and participated in process optimization activities.

      • Competencies:

          • Advanced knowledge of security principles, issues, and Security Operations techniques and/or Security Operations implementations across "on premise" and/or 3rd Party cloud platforms including SIEM, SOAR, Threat Intelligence, Vulnerability Management, etc.

          • Proactive identification and solving of complex problems

          • Strong understanding of systems development lifecycle to provide technical leadership for multifunctional projects or initiatives.

          • Effective communication of technical concepts to a non-technical audience.

          • Excellent written and verbal communication skills

  • Preferred Experience: 5+ years of Security Operations experience

  • Required License/Registration/Certification: None

  • Preferred License/Registration/Certification: CISSP, CCSP, GCSA

  • Computer Skills Required: Productivity suite software

Physical Demands:

The physical demands of successfully performing this job, with or without a reasonable accommodation, are outlined below:

  • The Employee is required to read, review, prepare and analyze written data and figures, using a PC or similar, and should possess visual acuity.

  • The Employee may be required to occasionally climb, push, stand, walk, reach, grasp, kneel, stoop, and/or perform repetitive motions.

  • The Employee is not substantially exposed to adverse environmental conditions; therefore, job functions are typically performed under conditions such as those found within general office or administrative work.
