Information Security Architect I

Information Security Architect I Valley Medical Center - 3.7 Renton, WA Job Details Full-time $78,425 - $117,637 a year 5 hours ago Qualifications Task prioritization

Full Job Description Job Title:

Information Security Architect I Req:

2026-0465

Location:

VMC Main Campus Department:

Information Technology Shift:

Days Type:

Full Time FTE:

1

Hours:

City State:

Renton, WA Salary Range:

Min $78,425 - Max $117,637/annual

DOE Job Description:

JOB DESCRIPTION

The position description is a guide to the critical duties and essential functions of the job, not an all-inclusive list of responsibilities, qualifications, physical demands, and work environment conditions. Position descriptions are reviewed and revised to meet the changing needs of the organization.

TITLE:

Information Security Architect

I JOB OVERVIEW

Responsible for ensuring the confidentiality, integrity, and availability (CIA) of VMC computer systems and information to safeguard personnel and patient safety, while also maintaining compliance with HIPAA, PCI-DSS, cybersecurity industry best practices, frameworks, and standards.

DEPARTMENT

Informational Technology

WORK HOURS

Typically, Monday - Friday; Hours may vary to meet departmental needs.

REPORTS TO

Supervisor, Information Security

PREREQUISITES

Education:

Master's degree in computer science related field, OR Bachelor's degree in computer science related field plus one (1) year industry related experience, OR Associate's degree in computer science related field plus two (2) years industry related experience, OR three (3) years industry related experience.

Certification:

Entry-level information security certification from a cybersecurity industry standard such as (ISC)2, OffSec, EC-Council, GIAC, CompTIA, and other related certifications on approval, OR be able to obtain one within one (1) year of hire date.

Applied Job Experience:

Information Security Background:

Industry experience preferred as a Cybersecurity Practitioner, Security Operations Center (SOC) Analyst, Risk Assessment Auditor, Penetration Tester, Incident Response Handler, or Computer Forensics Investigator. Experience as a Service Desk Agent, Help Desk Agent, Desktop Support Technician, Identity Access Analyst, Systems Administrator or Network Engineer to be considered as time towards.

QUALIFICATIONS

Working knowledge with scripting languages and automation such as Python, PowerShell, etc. Working knowledge with securing cloud computing and cloud services such as Azure and AWS. Working knowledge with securing operating system environments such as Windows, Mac, Linux, etc. Working knowledge with securing networking, wireless and virtual environments. Working knowledge with subnetting, segmentation, and zero-trust zones. Professional experience with PKI/certificate authority and OpenSSL. Professional experience with SEG, NGFW, AV and EDR. Professional experience with various SIEMs and SOC management. Professional experience with multi factor authentication implementation. Familiarity with security compliance standards such as HIPAA, PCI-DSS, GDPR, etc. Familiarity with security frameworks such as

HITRUST, NIST, OWASP, ISO 27000, SANS CIS

20, STIGs, ITIL, etc. Familiarity with the full stack OSI model, as well as TCP/IP protocol suite. Familiarity with vulnerability management and patch cycles. Familiarity with risk assessments, pen-tests, table-top exercises, BCDR, and change management. Familiarity with writing and implementing IT policy, CSIRT plans, and training & awareness programs.

UNIQUE PHYSICAL/MENTAL DEMANDS, ENVIRONMENT AND WORKING CONDITIONS

Requires ability to move items and equipment weighing up to 70 lbs. Requires ability to appropriately manage and handle highly confidential information. Requires ability to remain focused, self-motivated, and initiative-taking while working independently or on a team, regardless of working onsite or remotely with little to no instruction. Requires planning, organizing, and working on multiple tasks at one time with tight time constraints. Requires ability to identify the most important tasks and prioritize accordingly. Requires ability to implement a logical and structured approach to time management. Requires ability to demonstrate a high level of professionalism and show respect to all co-workers, patients, business partners, and members of the public. Requires ability to demonstrate a strong collaborative mindset, share knowledge, and function as a contributing member of the team. Requires ability to work effectively with all levels of the organization and broad technical understanding, while providing excellent customer service. Requires ability to demonstrate a high level of communication skills, both verbal (meeting organizer, training, etc.) and written (E-mail, IT policy, documentation, etc.) to C-level executives, auditors, end users, and engineers. Requires ability to quickly learn, conduct own research as necessary, and retain information. Requires ability to quickly understand information systems to identify and validate security requirements. Requires ability to stay up to date on all current cybersecurity events and zero-day exploitations. Requires ability to demonstrate strong critical-thinking and problem-solving skills. Requires ability to demonstrate acute attention to detail.

PERFORMANCE RESPONSIBILITIES

Monitor all security solutions, investigate all alerts, and respond appropriately to all identified threats, incidents, and/or compromise. Monitor the ticket queue, attempt first tier support, and escalate as needed. Provide excellent customer service. Assist staff with access related issues. Provide certificate assistance to other teams as needed. Document all team related procedures and resources to include notes, training, templates, knowledge bases, databases, change control and SOPs. Perform performance maintenance and patch management on all security tools and databases. Provide IT policy guidance to assist staff with security compliance. Assist and take instruction from higher-level analysts with duties and responsibilities as assigned.

Reviewed:

01/20

Revised:

12/23

Grade:

NC09 FLSA

E CC:

8552

Job Qualifications:

PREREQUISITES

Education:

Master's degree in computer science related field, OR Bachelor's degree in computer science related field plus one (1) year industry related experience, OR Associate's degree in computer science related field plus two (2) years industry related experience, OR three (3) years industry related experience.

Certification:

Entry-level information security certification from a cybersecurity industry standard such as (ISC)2, OffSec, EC-Council, GIAC, CompTIA, and other related certifications on approval, OR be able to obtain one within one (1) year of hire date.

Applied Job Experience:

Information Security Background:

Industry experience preferred as a Cybersecurity Practitioner, Security Operations Center (SOC) Analyst, Risk Assessment Auditor, Penetration Tester, Incident Response Handler, or Computer Forensics Investigator. Experience as a Service Desk Agent, Help Desk Agent, Desktop Support Technician, Identity Access Analyst, Systems Administrator or Network Engineer to be considered as time towards.

QUALIFICATIONS

Working knowledge with scripting languages and automation such as Python, PowerShell, etc. Working knowledge with securing cloud computing and cloud services such as Azure and AWS. Working knowledge with securing operating system environments such as Windows, Mac, Linux, etc. Working knowledge with securing networking, wireless and virtual environments. Working knowledge with subnetting, segmentation, and zero-trust zones. Professional experience with PKI/certificate authority and OpenSSL. Professional experience with SEG, NGFW, AV and EDR. Professional experience with various SIEMs and SOC management. Professional experience with multi factor authentication implementation. Familiarity with security compliance standards such as HIPAA, PCI-DSS, GDPR, etc. Familiarity with security frameworks such as

HITRUST, NIST, OWASP, ISO 27000, SANS CIS

20, STIGs, ITIL, etc. Familiarity with the full stack OSI model, as well as TCP/IP protocol suite. Familiarity with vulnerability management and patch cycles. Familiarity with risk assessments, pen-tests, table-top exercises, BCDR, and change management. Familiarity with writing and implementing IT policy, CSIRT plans, and training & awareness programs.