Logo
C4 Technical Services

Information Security Architect Job at C4 Technical Services in Minneapolis

C4 Technical Services, Minneapolis, MN, United States


Information Security Architect
Location: Minneapolis, MN


This company is a non-profit organization in the exciting and rapidly evolving cellular therapy industry. We seek an Information Security Architect to maintain and improve our security practice with system integration, software development, and application deployment pipelines.

The Information Security Architect is responsible for the definition, standardization and reuse of practical security architecture patterns for internally developed applications, integration of third-party applications and the supporting infrastructure. This role is responsible for ensuring that solution security patterns are in alignment with our company's Enterprise Architecture, Infrastructure and Information Security strategies, as well as with company's business strategies and product roadmaps.

The successful Information Security Architect will work across the global corporate organization to translate business requirements into security architectures and requirements, build security blueprints and roadmaps, provide long-range guidance on technology selection and implementation within one or more shared systems, and will assume a technical leadership and mentoring position on large development initiatives. This is a hybrid position in Minneapolis.

ACCOUNTABILITIES:
  • Collaborates across all areas of Information Technology to ensure solution patterns, technologies and toolsets align with the Enterprise Security and Information Technology strategic plans and budgets
  • Mature the DevSecOps solutions and practices to maintain and accommodate the changing needs of Application Development teams
  • Provides architecture support and guidance to the project delivery teams. The Information Security Architect will
  • Provide technical guidance, analysis and direction, for enterprise wide key projects and strategic initiatives as it relates to information security and privacy. Find common ground and gain cooperation when conflicts arise and provide process improvements.
  • Influence the integration of information security principles in the solution design, processes, and standards, based on business, regulatory, or customer requirements.
  • Define and specify the artifacts and the requirements to be met at the project level and to be included in project plans.
  • Manage the relationship with project teams by providing positive and solution-oriented leadership.
  • Provide support on use of the Enterprise Security architecture standards and promote their use and enhancement with new or existing solutions.
  • Assess solution architectures for new or existing solutions and conduct security reviews at various stages during the project life cycle. Identify security risks, through threat modeling, associated with solution architectures, and recommend actions and mitigation strategies to address them.
  • Create security architecture documentation that provides a comprehensive overview of a system's security plan.
  • Coach engineering and related teams on securing CI-CD/DevOps practices.
  • Assists Enterprise Architecture with the definition and management of the organization's security architecture, its roadmap and its realization through application and infrastructure development lifecycles.

REQUIRED QUALIFICATIONS:

Knowledge of:
  • Deep understanding of the relationship between application design, data and infrastructure environments. Demonstrated experience working across security competencies, such as Identity and Access Management, Cloud Security, Data Security, Container Security, and Application Security.
  • Strong understanding of secure software development practices and technologies, including vulnerability detection/identification/remediation.
  • Intimate knowledge of threat modeling (OWASP, MITRE).
  • General knowledge of security frameworks (ISO, NIST, HIPAA, etc.)
Ability to:
  • Demonstrate strong business and technical skills in the planning, administration, and management of information systems, administrative and technical security controls; and security risk analysis, threat modeling and management.
  • Demonstrate strong interpersonal and organizational skills; demonstrated success in working both independently and in a team environment. Above average written and oral communication skills. Demonstrated strong analytical and creative problem solving, and the ability to manage multiple and rapidly changing priorities.
  • Demonstrate excellent written and oral presentation skills. Excellent facilitation, collaboration and negotiation skills.
Education and/or Experience:
  • Bachelor's degree in computer science, management information systems, or related field. However, upon evaluation, equivalent related experience and/or education may be substituted for the degree.
  • Eight years of Information Security experience with responsibilities spanning many Information Security disciplines. Prior health care experience strongly preferred.

#DICE
nkraft@c4techservices.com