At Moffitt Cancer Center, we strive to be the leader in understanding the complexity of cancer and applying these insights to contribute to the prevention and cure of cancer. Our diverse team of over 9,000 are dedicated to serving our patients and creating a workspace where every individual is recognized and appreciated. For this reason, Moffitt has been recognized on the 2023 Forbes list of America’s Best Large Employers and America’s Best Employers for Women, Computerworld magazine’s list of 100 Best Places to Work in Information Technology, DiversityInc Top Hospitals & Health Systems and continually named one of the Tampa Bay Time’s Top Workplace. Additionally, Moffitt is proud to have earned the prestigious Magnet® designation in recognition of its nursing excellence. Moffitt is a National Cancer Institute-designated Comprehensive Cancer Center based in Florida, and the leading cancer hospital in both Florida and the Southeast. We are a top 10 nationally ranked cancer center by Newsweek and have been nationally ranked by U.S. News & World Report since 1999.
Working at Moffitt is both a career and a mission: to contribute to the prevention and cure of cancer. Join our committed team and help shape the future we envision.
Summary
SENIOR CYBER SECURITY ARCHITECT
Position Highlights:
The Senior Cybersecurity Architect will play an integral role in defining and assessing the organization's security strategy, architecture and practices. This role will apply critical cybersecurity expertise to initiatives across all Moffitt's lines of business. The Senior Cybersecurity Architect will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services. In this role, you will have the opportunity to contribute to program operations and proposal solution development as well as contributing to the cybersecurity posture of Moffitt.Responsibilities:
Develops and maintains a security architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers Develops and maintains security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations; determines baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation Develops processes and procedures to validate information technology infrastructure, other reference architectures, configurations and access to cybersecurity infrastructure for industry best practices, and recommend changes to enhance cybersecurity posture and reduce risk where applicable Coordinates with internal and external stakeholders to evaluate proposed statements of work, review high-level design documents and associated SSAE 16 SOC 1 and SOC 2 audit reports to ensure that adequate security protections are in place and compatible with current organizational architecture Guide and counsel technical and non-technical teams standards and practices required for all applicable Federal and State regulations based on the classification of the data and business use cases to ensure compliance Often interface with information technology peers, leadership and business relationship managers to understand, design, and improve cybersecurity as it relates to the various organizational lines of businessCredentials and Experience:
High School Diploma/GED 12 years of cyber security architecture experience Bachelor’s Degree 8 years of cyber security architecture experienceExperience with Cybersecurity programs, specifically Enterprise Security Architecture to include reference security architecture creation, security program assessment, security operations, incident response, forensic analysis, threat intelligence, identity and access management, data protection, penetration testing, Web application security testing, vulnerability and risk management
Act as a solutions-focused business partner to our Architecture, Engineering, DevOps, IT, and Cybersecurity teams and Identify security design gaps in existing and proposed architectures and recommend changes or enhancements Design, build and implement enterprise-class cybersecurity systems, define and align standards, frameworks and cybersecurity with business and technology strategy, identify and communicate current and emerging security threats. Proven experience building security reference architecture for cloud deployments and hybrid scenarios Implementation experience with enterprise security solutions such as Wireless Application Firewalls, Intrusion Protections and Detection Systems, Network Access Controls and Security Information Event Management solutions Cloud Security experience in support of AWS, GCP, and MS Azure cloud hosting environments Experience with the Cyber Kill Chain and enterprise solutions Demonstrated knowledge of HIPAA, PCI DSS, GDPR and SOCLicensure/Certification:
CISSP-ISSAP or similar certification (required within 12 months of date of hire)