Returning Candidate?

Information Security Architect, Sr

Information Security Architect, Sr

Job ID 
10619
Type 
Regular Full-Time
Company 
Fred Hutchinson Cancer Research Center
Location 
US-WA-Seattle
Category 
Information Technology

More information about this job

Overview

Fred Hutch has ambitious goals when it comes to eliminating cancer and infectious disease. We are using data science in bold new ways to achieve them. As a result, the Fred Hutch Information Security team is growing our security engineering team. We are looking for a Senior Security Architect to take a lead role in developing, evangelizing and deploying leading edge technical security strategy within the HDC (Hutch Data Commonwealth) portfolio of products and services. Reporting to the Director of Security Architecture and embedded within the HDC, you will help the team drive long term security strategy within the HDC development lifecycle. You will also engage directly with Fred Hutch data science and engineering teams as a trusted advisor on our most complex and exciting projects, help develop and drive a “secure by design” philosophy into service architecture and systematically identify & eliminate vulnerabilities with well-engineered security solutions. This role will serve as a technical expert with deep knowledge across all of the security domains as well as expert level knowledge of underlying technologies.  This position will be a proven technical leader, with a strong ability to collaborate and execute in complex technical and organizational environments.

 

This position will be a highly visible technical security authority and a key representative of the Information Security team. The security engineering function drives robust & pragmatic long term technical security strategy and addresses critical technical vulnerabilities in our cloud, hybrid and on-prem environments. Consistently moving the security needle with key project, process and engineering teams through the Fred Hutch environment requires strong communication, collaboration and technical security skill sets. You will be a key security solutions-development engineer, a trusted advisor and a seasoned influencer who can anticipate emerging technical challenges and successfully engage directly with multiple teams within Fred Hutch as well as key partners outside of the organization. This is a new role and an awesome opportunity for the right security architect to make a true impact. You will be closely supported by the Information Security team and peer organizations, but will have the freedom to help develop this function using your unique blend of technical leadership skills and experience. If this sounds like you, come help Fred Hutch in the fight against cancer and infectious disease by ensuring the security of our technical environments and information!

Responsibilities

Technical leadership - Drive the development, adoption and consistent implementation of security architecture principles, policies and standards across the technical stack and throughout the HDC development lifecycle; our goal is to drive sound technical security strategy into every element of the HDC development process. This role allows us to inject security and resiliency into the HDC family of products early and consistently

Consulting - Serve as key security architecture SME and influential, trusted advisor on a broad range of leading edge HDC project engagements; specifically, you will collaborate closely with the Data and Software Architects early in the design & development of HDC products

Entrepreneurial mindset – HDC is a transformative initiative that aims to bring novel big data resources to researchers within and outside of the Hutch; as such, this role needs to be just as forward thinking and serve as an enabler to new approaches 

Versatility - Represent the security function in a wide range of settings; serve as a key strategic influencer on diverse, data intensive HDCproducts. Demonstrate a consistent customer centric approach and technical versatility, especially with new and innovative technological approaches to research and clinical products

Collaboration - Partner closely with the HDC Research and Compliance specialist to formulate and advance security and compliance goals related to critical elements of the data-driven science we are rapidly pursuing

Interpersonal - Serve as a coach and mentor to junior members of the Information Security Office team and to members of the HDC, as appropriate; display high integrity and executive level perceptive ability; demonstrate a consistent drive for collaboration that enables projects and teams to be successful and secure

Qualifications

Required Qualifications & Experience:

  • BS in Computer Science, Software Engineering, Information Technology or equivalent experience required; MS or Security certificates a plus
  • 5-7 years of experience in technical security domains; minimum of two years in a technical security leadership position at the Security Architect level
  • Strong experience designing and implementing comprehensive protection technologies for modern and emerging data architecture platforms web applications, cloud deployment methods and operating systems
  • Understanding of information security Governance and Policy/Standard development and Information Security compliance frameworks, including HIPAA, FISMA/NIST 800-53, HiTrust and EU Data Protection principles
  • Subject matter expertise in web application security and secure development processes (SDL), including tools & mitigation of identified vulnerabilities
  • Implementation of technical security architectures within a large enterprise environment; experience in implementing and managing core security architecture processes and programs
  • Threat modeling, threat assessment and breach resiliency across the technical stack in complex environments; strong understanding of security solution development in multi-platform Cloud (AWS, Azure) and hybrid environments
  • Strong understanding of cryptographic principles and PKI, networking and network security analysis, server and VM infrastructure operations
  • Development of detection/alarming methodologies and SIEM platforms, breach response & resiliency in multi-OS server, VM, cloud & desktop environments
  • Must have excellent verbal, written, and presentation communication skills, strong interpersonal skills and the ability to work effectively across project teams
  • Must be versed in explaining technical solutions to multiple technical teams, non-technical teams and senior management
  • Must demonstrate a keen understanding of security as a business enabler

 

Preferred Qualifications and Experience:

  • Technical security experience in health care, research or similar highly regulated discipline
  • Experience with privacy programs in medical or life science research or higher education
  • Experience with secure configuration and deployment of enterprise wide cloud services – Okta,  O365 and Cloud Management Platforms
  • Software development; Agile Scrum/Kanban experience
  • Experience designing and deploying distributed applications leveraging service-oriented architecture principles
  • CISSP, CISM or SANS - GIAC certification

Our Commitment to Diversity

We are committed to cultivating a workplace in which diverse perspectives and experiences are welcomed and respected. We are proud to be an Equal Opportunity and VEVRAA Employer. We do not discriminate on the basis of race, color, religion, creed, ancestry, national origin, sex, age, disability, marital or veteran status, sexual orientation, gender identity, political ideology, or membership in any other legally protected class. We are an Affirmative Action employer. We encourage individuals with diverse backgrounds to apply and desire priority referrals of protected veterans. If due to a disability you need assistance/and or a reasonable accommodation during the application or recruiting process, please send a request to our Employee Services Center at escmail@fredhutch.org or by calling 206-667-4700.