Lyric
Principal Enterprise Security Architect
Lyric, Atlanta, Georgia, United States, 30383
Lyric, formerly ClaimsXten, is a leading healthcare technology company, committed to simplifying the business of care. Over 30 years of experience, dedicated teams, and top technology help deliver more than $14 billion of annual savings to our many loyal and valued customers—including 9 of the top 10 payers across the country. Lyric’s solutions leverage the power of machine learning, AI, and predictive analytics to empower health plan payers with pathways to increased accuracy and efficiency, while maximizing value and savings. Lyric’s strong relationships as a trusted ally to customers resulted in recognition from KLAS as “true partner” and “excellent value for investment,” with a top score for overall customer satisfaction and A+ likelihood to recommend in their October 2023 Payment Integrity and Accuracy Report. Discover more at Lyric.ai .
Summary:
The Principal Enterprise Security Architect will advise other technology teams in all matters related to Lyric’s security strategy and implementation, including security tools within cloud ecosystems (Azure and AWS), network IPS/IDS, identity and access management (IAM), user entity and behavior analysis (UEBA), zero trust, security access and service edge (SASE), and security frameworks and methodologies. The position will partner with business and technical leaders to develop and deliver solutions that support business strategies and protect Lyric’s intellectual property and customer data.
Job Responsibilities:
Actively participate in various business and enterprise architecture forums to champion cloud security interests and provide expertise on security-related issues
Create and maintain security strategy plans and roadmaps; influence the planning and execution of the roadmap with measurable benchmarks to show progress (or deficiencies requiring additional attention)
Develop and maintain Security Architecture processes and artifacts that enable the enterprise to implement security capabilities that are aligned with the business, technology, and threat drivers
Serve as the subject matter expert in secure cloud technology design, development, and implementation in support of products, solutions, and business functionality enablement
Establish architecture design principles and practices to improve performance, effectiveness, security, compliance, and scalability of solutions
Partner with cross-functional teams to assess cloud security risks by establishing security architecture with a focus on threat detection, security control enforcement, and incident response
Understand the offerings within Amazon Web Services (AWS) as well as other leading cloud service providers
Based on business requirements, plan and design cloud-native architecture that adheres to cloud security frameworks, standards, and best practices
Determine baseline security configuration standards for operating systems (e.g., OS Hardening), network segmentation, web application firewall, mobile devices, etc.
Review security technologies, tools, and services, and make recommendations to the broader security team for their use, based on security policy and procedures
Basic Requirements:
10+ years of experience with hands-on security architecture and/or engineering
5+ years of experience with Amazon Web Services (AWS) and Microsoft (MS) Azure
Preferred Requirements:
Bachelors Degree
CISSP, CISA, CISM, CCSP, or other relevant security-related designation(s)
AWS Security Certification
AWS Solutions Architect Certifications
Experience with SaaS, IaaS, and PaaS architectural solutions within Amazon Web Services, Microsoft Azure, and other cloud providers
Experience in Cloud, DevSecOps, Container Security, IAM patterns, WAF/CDN/DDoS services, security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
Experience in security architecture methodologies like NIST security framework and HITRUST standards, best practices like Mitre Att@ck framework, CIS benchmarks, and defense-in-depth
Experience with data protection, cryptography, key management, identity, and access management (IAM), network security within SaaS, IaaS, PaaS, and other cloud environments
Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
Broad knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies, and application controls
Experience architecting SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP), and other network and system monitoring tools
***The US base salary range for this full-time position is:
$143,327.23 - $214,990.85
The specific salary offered to a candidate may be influenced by a variety of factors including but not limited to the candidate’s relevant experience, education, and work location. Please note that the compensation details listed in US role postings reflect the base salary only, and does not reflect the value of the total rewards compensation. ***
Lyric is an Equal Opportunity Employer that drives superior business results by understanding and leveraging diversity. We strive to maximize the productivity and performance of our employees by fostering a winning team spirit and high personal accountability. Everyone is encouraged to respond including women, people of color, veterans, people with disabilities, all lifestyles, beliefs and generational diversity.
Summary:
The Principal Enterprise Security Architect will advise other technology teams in all matters related to Lyric’s security strategy and implementation, including security tools within cloud ecosystems (Azure and AWS), network IPS/IDS, identity and access management (IAM), user entity and behavior analysis (UEBA), zero trust, security access and service edge (SASE), and security frameworks and methodologies. The position will partner with business and technical leaders to develop and deliver solutions that support business strategies and protect Lyric’s intellectual property and customer data.
Job Responsibilities:
Actively participate in various business and enterprise architecture forums to champion cloud security interests and provide expertise on security-related issues
Create and maintain security strategy plans and roadmaps; influence the planning and execution of the roadmap with measurable benchmarks to show progress (or deficiencies requiring additional attention)
Develop and maintain Security Architecture processes and artifacts that enable the enterprise to implement security capabilities that are aligned with the business, technology, and threat drivers
Serve as the subject matter expert in secure cloud technology design, development, and implementation in support of products, solutions, and business functionality enablement
Establish architecture design principles and practices to improve performance, effectiveness, security, compliance, and scalability of solutions
Partner with cross-functional teams to assess cloud security risks by establishing security architecture with a focus on threat detection, security control enforcement, and incident response
Understand the offerings within Amazon Web Services (AWS) as well as other leading cloud service providers
Based on business requirements, plan and design cloud-native architecture that adheres to cloud security frameworks, standards, and best practices
Determine baseline security configuration standards for operating systems (e.g., OS Hardening), network segmentation, web application firewall, mobile devices, etc.
Review security technologies, tools, and services, and make recommendations to the broader security team for their use, based on security policy and procedures
Basic Requirements:
10+ years of experience with hands-on security architecture and/or engineering
5+ years of experience with Amazon Web Services (AWS) and Microsoft (MS) Azure
Preferred Requirements:
Bachelors Degree
CISSP, CISA, CISM, CCSP, or other relevant security-related designation(s)
AWS Security Certification
AWS Solutions Architect Certifications
Experience with SaaS, IaaS, and PaaS architectural solutions within Amazon Web Services, Microsoft Azure, and other cloud providers
Experience in Cloud, DevSecOps, Container Security, IAM patterns, WAF/CDN/DDoS services, security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
Experience in security architecture methodologies like NIST security framework and HITRUST standards, best practices like Mitre Att@ck framework, CIS benchmarks, and defense-in-depth
Experience with data protection, cryptography, key management, identity, and access management (IAM), network security within SaaS, IaaS, PaaS, and other cloud environments
Experience working with cloud security and governance tools, cloud access security brokers (CASBs), and server virtualization technologies
Broad knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), antivirus and firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies, and application controls
Experience architecting SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP), and other network and system monitoring tools
***The US base salary range for this full-time position is:
$143,327.23 - $214,990.85
The specific salary offered to a candidate may be influenced by a variety of factors including but not limited to the candidate’s relevant experience, education, and work location. Please note that the compensation details listed in US role postings reflect the base salary only, and does not reflect the value of the total rewards compensation. ***
Lyric is an Equal Opportunity Employer that drives superior business results by understanding and leveraging diversity. We strive to maximize the productivity and performance of our employees by fostering a winning team spirit and high personal accountability. Everyone is encouraged to respond including women, people of color, veterans, people with disabilities, all lifestyles, beliefs and generational diversity.