Security Architect

What You’ll Be Doing

• Understand Arcadia’s business strategy and product offerings and how it relates to our security architecture strategy and deliver architectural guidelines, best practices, and direction on security within architectural standards, policies, and roadmaps
• Drive beneficial security architectural changes through the development or review of architectures to ensure that they fit requirements for security, privacy, compliance, cyber risk mitigation, and conformance to relevant security standards while balancing information risk against the cost of appropriate countermeasures
• Integrate with change management processes to ensure a security review or assessment is conducted for all significant changes to Arcadia’s production, cloud architecture, and development environments.
• Leverage knowledge of architectural best practices to develop a long-term strategy that considers business needs and budgetary constraints
• Collaborate with development teams to ensure effective implementation of security within the SDLC and ensure that relevant tasks are completed and required artifacts are created and maintained
• Perform Security Impact Analysis for all web/code changes as part of the Change Management process before release and deployment
• Proactively engages key stakeholders regarding architectural security decisions, plans, goals, and strategies that impact business operations and initiatives
• Document and maintain security designs, processes, procedures, and other artifacts
• Assist in developing configuration baselines and supporting the deployment and adherence of secure configuration management processes
• Continually evaluate and understand the implications to Arcadia and its customers concerning the evolving cybersecurity risk landscape and industry practices to remain current with threats and associated countermeasures

What You’ll Bring

• Demonstrated experience in architecture, design, and management of security for highly available, resilient systems (physical, virtual, cloud).
• Experience with container technologies such as Kubernetes and Docker.
• Experience with deployment orchestration, automation, and security configuration management (Jenkins, GitHub Actions, Terraform, CloudFormation).
• In-depth knowledge of AWS services, including experience in designing, implementing, and maintaining secure AWS infrastructure (e.g., IAM, SCPs, Secrets Manager, KMS, WAF and Shield, GuardDuty, CloudFront, CloudTrail, Inspector, etc.).
• Three years of experience with cloud security and native technologies (Azure, AWS).
• Working knowledge of enterprise-level Active Directory and AWS security solutions.
• Working knowledge of current cyber threats and countermeasures.
• Experience with the development of flow diagrams, assignment of subsystems and trust boundaries, boundary protection definition, and threat modeling.
• Experience with NIST800 standards, including 30, 53, 82, and 171
• Experience with ISO 27000 series standards
• Experience with HITRUST and CIS Critical Security Controls
• Ability to earn trust, maintain positive and professional relationships, and contribute to a culture of inclusion.
• Solid understanding of security protocols, cryptography, authentication, and authorization.
• Solid understanding of OpenID Connect (OIDC) and OAuth 2.0. 
• Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
• Ability to deal with ambiguity.
• Strong conflict management skills.
• Computer Skills: Microsoft: Excel, Word, PowerPoint, and Visio.

Would Love For You To Have

• Strong influencing skills across all levels, internal and external to the enterprise.
• Excellent written and verbal communication skills, business acumen, and a commercial outlook.
• Demonstrated history of producing effective, innovative architectural solutions on an enterprise scale.
• AWS Solutions Architect - Professional, AWS Certified Security Specialty, Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or an industry-standard cloud certification.
• At least three years of experience as a Cloud Security or Cloud Platform Architecture.
• Knowledge of remote access technology concepts.
• Knowledge of communication methods, principles, and concepts that support the network infrastructure.
• Knowledge of business continuity and disaster recovery continuity of operations plans.

What You’ll Get

• You will work with a team of experts that build and maintain a highly validated security and privacy program for the leader in Population Health and Healthcare data analytics
• Be a part of a team and organization that had built security and privacy into the fabric and culture of the organization.
• You will learn how to secure highly regulated sensitive data in a cloud environment and how to build and maintain a fully validated and industry-leading security program.
• Your responsibilities will grow with you as a critical member of our team.
• The opportunity to work for an amazing, fast-growing software company leveraging a highly scalable cloud platform.
• Become an expert in all elements of securing clinical and claims healthcare data in the cloud.
• Awesome work environment.
• Competitive compensation/benefits package.
• Great benefits like flextime time off.
• Stocked kitchen with snacks and beverages and more.