ISRM Security Architect (Senior Consultant MIS Lvl C), EITS Security and Risk Management Position Available In New York, New York

ISRM Security Architect (Senior Consultant MIS Lvl C), EITS Security and Risk Management
Empower Every New Yorker – Without Exception – to Live the Healthiest Life Possible
NYC Health + Hospitals is the largest public health care system in the United States. We provide essential outpatient, inpatient and home-based services to more than one million New Yorkers every year across the city’s five boroughs. Our large health system consists of ambulatory centers, acute care centers, post-acute care/long-term care, rehabilitation programs, Home Care, and Correctional Health Services. Our diverse workforce is uniquely focused on empowering New Yorkers, without exception, to live the healthiest life possible.
At NYC Health + Hospitals, our mission is to deliver high quality care health services, without exception. Every employee takes a person-centered approach that exemplifies the ICARE values (Integrity, Compassion, Accountability, Respect, and Excellence) through empathic communication and partnerships between all persons.
Job Description
The Senior Management Consultant, EITS Security Architect will interface between the CISO’s strategic and process-based activities and the work of the technology-focused analysts, engineers and administrators in the IT organization. The Senior Management Consultant, EITS Security Architect must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting. The Senior Management Consultant, EITS Security Architect coordinates the IT organization’s technical activities to implement and manage security.
The Senior Management Consultant, EITS Security Architect is part of the Enterprise Information Technology Services (EITS), Information Security and Risk Management (ISRM) team and will work at an enterprise level to ensure a consistent delivery of information security and risk management services. This individual will act as a subject matter expert to the assigned business units on matters regarding information security and compliance with HIPAA, Joint Commission, DSRIP, COBIT, and state privacy laws.
Duties & Responsibilities
Actively engage in security architecture solutioning within key pre-implementation systems
Has the ability to lead and coach on the definition of security architecture, including the development and implementation of effective security administration processes for all platforms
Identify and implement emerging data access control technologies, information systems security issues, safeguards, and techniques
Perform security reviews and identify security gaps in security architecture, resulting in recommendations for inclusion into the risk mitigation strategy
Provide Security Architecture guidance to Senior EITS Management within NYC Health + Hospitals and engage with multiple cross functional teams
Conduct vulnerability scans, recognize vulnerabilities in security systems, and design countermeasures to identified security risks
Work with the enterprise architecture team to ensure that there is a convergence of business, technical and security requirements; liaise with IT management to align existing technical installed base and skills with future architectural requirements
Develop a strong working relationship with the ISRM teams to develop and implement controls and configurations aligned with security policies and legal, regulatory and audit requirements
Keep informed on current threats and industry regulations
Assist in identification of emerging security technologies that can maintain or improve H+H’s security posture, and implement them as and when required
Attend regular team, management, and project meetings and provide both verbal and written reports to the Leadership Team as required. This may include coordination with and support of an Operational Risk Committee.
Facilitate team meetings between stakeholders, project leaders, and the Information Technology teams.
Minimum Qualifications
1. A Baccalaureate Degree from an accredited college or university with a major in Computer Science, Systems Engineering, applied Mathematics, Business Administration, Economics/Statistics, Telecommunications, Data Communications, or a related field of study; and 2. Five (5) years of progressive, responsible experience in the field of data processing, computer systems and applications. Operations Specialty requires supervisory experience (5 years). Network Services requires a telecommunications background and experience. 3. Broad knowledge and expertise in the characteristics of computers, peripheral devices, communications systems and hardware capabilities, programming languages, E.D.P. applications, systems analysis methodology, data management and retrieval techniques; or 4. A satisfactory equivalent combination of training, education and experience.
Department Preferences
Certification(S)/

NYS Licenses/Education:

A bachelor’s degree in information systems CISSP, CISM, GSEC, CEH, or other relevant security qualification
Knowledge, Skills, Abilities and other

Requirements:

Strong Knowledge of infrastructure, application and security protocols in addition to configuration management techniques and risk management/compliance/audit standards
Strong knowledge of cloud (AWS, Google Workspace, Google Cloud Platform, Azure, O365 etc).
Knowledge of network security architecture concepts, including topology, protocols, components, principles (e.g. application of defense-in-depth), and traffic flows across the network (e.g. TCP & TCP/IP, OSI, etc.)
Knowledge of encryption algorithms
Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins
Experience working with network access, identity, and access management (e.g. Active Senior Management Consultant, access federation, multifactor authentication, PKI)
Experience working with operating systems (Microsoft Windows, Linux, UNIX, MacOS X)
Knowledge of security management and secure configuration management techniques
Knowledge of software engineering
Skill in assessing the robustness of security systems and designs and determining how it should work (including its resilience and dependability capabilities)
Knowledge of IT supply chain security/risk management policies, requirements, and procedures
Working knowledge of

HIPAA/HITECH, NIST

CSF, ISO27001/27002 and PCI-DSS Standards and Requirements. A strong understanding of the business impact of security tools, technologies and policies.

Other Preferred Skills:

Must possess a high degree of integrity and trust along with the ability to work independently
Participate in special projects as needed and perform other duties as assigned
Must be able to work independently as well as work as part of a fast-moving team Must be able to work at various locations when necessary, along with working various shifts
Detail oriented, organized, methodical, follow up skills with an analytical thought process
Ability to learn new technologies

Years of Experience:

A minimum of seven years of IT experience, with at least five years dedicated to IT/Cyber Security, including Solution Design
If you wish to apply for this position, please apply online by clicking the “Apply for Job” button.
If applying online, please include your cover letter in the same file attachment with your uploaded resume.
NYC Health and Hospitals offers a competitive benefits package that includes:
Comprehensive Health Benefits for employees hired to work 20+ hrs. per week
Retirement Savings and Pension Plans
Loan Forgiveness Programs for eligible employees
Paid Holidays and Vacation in accordance with employees’ Collectively bargained contracts
College tuition discounts and professional development opportunities
Multiple employee discounts programs

Note:

Candidates selected for a position are required to come to NYC as part of their onboarding.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
Report this job

Dice Id:

10291499

Position Id:

118631