Enterprise Cybersecurity Chief Architect - Full-time / Part-time

Job Summary:

The Enterprise Cybersecurity Architect position is a unique role in the cybersecurity organization, working across the entire cybersecurity domain to drive a continuous evolution of the program, frameworks and future state architecture. This role will contribute to the security risk strategy and framework development, and will drive develop reference models and conceptual architectures across multiple technical security solution areas.

Job Responsibilities:

• Provides risk management frameworks and principles across the enterprise.
• Conducts or facilitates threat modeling of services and applications that tie to the risk and data associated with the service or application.
• Provides thought leadership and evolves architecture across all enterprise technical security services such as SIEM, DLP, PKI, IDS/IPS, enterprise authentication/authorization frameworks and models.
• Creates an approach for addressing the specific architectural, design, or process challenge
• Conducts a gap analysis of current versus desired capabilities.
• Creates white papers and presentations on the proposed solution.
• Provides technical briefings to leadership.
• Participates in various forums, and creating meeting reports, recommendations, and feedback as directed by leadership.
• Presents technical concepts to a non-technical audience.
• Other duties as assigned.

Education:

• Bachelor's degree in Information Technology/Computer Science or related field required.

Certifications:

• Certified Information Systems Security Professional (CISSP) from International Information Systems Security Certification Consortium (ISC2) required.
• Certifications from SysAdmin, Audit, Network and Security Institute (SANS), International Information Systems Security Certification Consortium (ISC2) or Computing Technology Industry Association (CompTIA) or other position related certifications preferred.
• ITIL Foundations certification required within 6 months of position start date

Complexity of Work:

• Ability to conducting a gap analysis of current versus desired capabilities
• Advanced knowledge with complex domain structures, user authentication mechanisms and cryptography.
• Has in-depth knowledge of intrusion detection and data correlation.
• Advanced knowledge of networking/distributed computing environment concepts.
• Intricate knowledge of network topology and the underlying OSI model.
• Understands principles of client/server configuration.
• Excellent knowledge of security technology and strong analytical skills.
• Must be able to work in stressful environment and take appropriate action.
• Strong analytical, administrative, presentation, and project management skills are required.
• Must have strong communication skills (both written and verbal) and the ability to work independently.

Work Experience:

• Minimum of 15 years of experience in the information security field with expert knowledge of applications, cloud and mobile security, platforms and infrastructure.
• Must have highest level experience in security strategy and architecture, operations, cyber security tools, intrusion detection, secure networks and current state-of-the-art cybersecurity technologies, standards, policies, procedures
• Extensive experience with requirements analysis and the development of use cases, architectural views (e.g. conceptual, logical, physical), reference models and architectures, architectural principles, and architectural patterns.
• Knowledge of Regulations, Standards and Frameworks, including HIPPA/HITECH, HITRUST, SABSA, Zachman, TOGAF, NIST Cybersecurity Framework, ISO 27001/2.
• Subject matter expertise in one or more of network architecture, Big Data, Cloud Security, medical device security.
• Experience with developing and maintain security architecture artifacts (e.g., models, templates, standards and procedures) that can be used to leverage security capabilities.

Physical Requirements:

• Requires the ability to sit and be stationary for prolonged periods of time, normal or corrected vision and manual dexterity sufficient to perform work on a personal computer.
• Requires the ability to walk to various locations throughout the organization and to function in a stressful environment.

Personal Protective Equipment:

• Follows standard precautions using personal protective equipment as required.

The policy of Cleveland Clinic and its system hospitals (Cleveland Clinic) is to provide equal opportunity to all of our employees and applicants for employment in our tobacco free and drug free environment. All offers of employment are followed by testing for controlled substance and nicotine. Job offers will be rescinded for candidates for employment who test positive for nicotine. Candidates for employment who are impacted by Cleveland Clinic's Smoking Policy will be permitted to reapply for open positions after 90 days. Decisions concerning employment, transfers and promotions are made upon the basis of the best qualified candidate without regard to color, race, religion, national origin, age, sex, sexual orientation, marital status, ancestry, status as a disabled or Vietnam era veteran or any other characteristic protected by law. Information provided on this application may be shared with any Cleveland Clinic facility.

Cleveland Clinic is pleased to be an equal employment employer: Women/Minorities/Veterans/Individuals with Disabilities