Primary Job Purpose

The Application Security Architect provides expert advice and leads efforts to ensure Cambia's applications are developed with the highest standards for security. The position formulates and defines architecture to meet requirements, be cost effective, and align with Cambia business strategy. It leads the establishment of security standards for application development.

General Functions and Outcomes

• Leads the development of security standards for application development.
• Identifies and implements new security tools and solutions.
• Follows technology directions, trends and their impacts on cyber security risk posture as well as strategic business impacts.
• Acts as a corporate advocate for application security practices. Provides subject matter expertise in the area of application security, and defines application security policies, standards and procedures.
• Maintains knowledge of changing technologies, provides recommendations and feedback on adaptation of new technologies or policies especially around the use of open source software & libraries.
• Assists in the delivery of security briefings to management, advising them of critical issues and metrics that may affect customer or corporate security objectives.
• Communicate with various departments and business units regarding sensitive and confidential issues.
• Respond to inquiries regarding defined application security policies, standards, and procedures.

Minimum Requirements

• Deep application security architecture experience at enterprise and division level and multiple technology fields.
• Expert in a broad range of technology platforms and technologies and how they interrelated within the Cambia technology portfolio.
• Regarded as the domain though leader for application security across Cambia.
• Demonstrated deep familiarity with Security industry best practices (HIPAA, ISO, NIST, etc.).
• Demonstrated deep experience in industry standard tools and technology, which may include application development languages and packages, client/server systems, security (firewalls/encryption products),
• Web servers and applications, and various third-party utilities and tools for integrating applications with databases and legacy systems.
• Demonstrated mastery of regulatory and legal chain-of-evidence protocols.
• Able to work with little to no direction; manage own workload, resolve conflicting priorities and deliver on commitments.
• Deep understanding of complex systems integration issues involving many disparate data sources, and experience in resolving them through providing clear direction on scope of solution.
• Deep understanding of industry standard tools and technology, which may include application development languages and packages, open source libraries, frameworks, and related projects, client/server systems, security (firewalls/encryption products), Web servers and applications, and various third-party utilities and tools for integrating applications with databases and legacy systems. Must include experience with Ruby, Python and JavaScript.
• Must be able to effectively adapt to rapidly changing technologies and methodologies and apply them to technological and/or business needs.
• Excellent oral and written communication skills; ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding, with coworkers, staff, Human Resources, Law Enforcement and all levels of management.

Normally to be proficient in the competencies listed above

The Application Security Architect would have a bachelor's degree in computer science, engineering or related field with an advanced degree preferred and 10 years of experience in IT, including a minimum of 8 years application security experience and 4 years of technical leadership and architecture experience or equivalent combination of education and experience. CISSP or other security-related certifications are preferred.

Work Environment

• Work primarily performed in office environment.
• Travel may be required locally or out of state.
• May be required to work outside of normal hours.

We are an Equal Opportunity and Affirmative Action employer dedicated to workforce diversity and a drug and tobacco-free workplace. All qualified applicants will receive consideration for employment without regard to race, color, national origin, religion, age, sex, sexual orientation, gender identity, disability, protected veteran status or any other status protected by law. A background check is required.

If you need accommodation for any part of the application process because of a medical condition or disability, please email [email protected]. Information about how Cambia Health Solutions collects, uses, and discloses information is available in our Privacy Policy. As a health care company, we are committed to the health of our communities and employees during the COVID-19 pandemic. Please review the policy on our Careers site.