Job Details

Job Location
Nashville/Remote - Nashville, TN

Remote Type
Fully Remote

Education Level
None

Travel Percentage
Negligible

Job Category
Information Security Services

POSITION SUMMARY

This person will be responsible for designing, developing, configuring, analyzing, testing, monitoring, and overseeing the implementation of enterprise-wide computer and network security infrastructure and security controls. This person is expected to champion processes and technology as a subject matter expert in various system and network security areas and to demonstrate this ability at a senior level. This position works closely with teams in other Information Security disciplines, infrastructure and operation areas to help provide superior protection to information assets. This roles servers as a security expert that mentors, educates, and trains less experienced team members.

ESSENTIAL DUTIES OR RESPONSIBILITIES

• Grow and influence the security architecture within HealthStream.
• Ensure security architecture provides secure software development, data protection, cryptography, key management, access control management, and network security.
• Design secure architecture controls to mitigate threats.
• Perform security design/architecture reviews with Site Reliability and development teams.
• Design solutions that align with enterprise security architecture frameworks and standards (e.g. ISO 27002, NIST 800-53, TOGAF, SABSA, OSA, etc).
• Network security architecture development along with DNS, routing, authentication, VPN, proxy services, and DDoS mitigation techniques.
• Create and maintain technical roadmaps of areas and technologies.
• Create, refine, and deliver information security standards/policies to be used throughout the enterprise.
• Educate and mentor system engineers on security best practices and designs.
• Integrate security and best practices into DevSecOps processes.

JOB SPECIFICATIONS:

1. KNOWLEDGE/EDUCATION AND EXPERIENCE REQUIRED:

• Bachelors degree in Computer Science, Information Technology, Information Assurance, or equivalent work experience
• 8+ years experience in various roles within Information Security or DevSecOps
• Experience reviewing technical designs and requirements and translating concepts into business language.
• Experience providing high-level design and architecture diagrams, technically validating solutions, and implementing standards
• Experience designing, reviewing, and securing Infrastructure-as-code (IaC)
• Experience with coding and scripting languages
• Understanding of Agile principles

2. SKILLS REQUIRED:

• Working knowledge of system and network vulnerabilities
• Working knowledge of remediating security incidents
• Working knowledge of Routers, Switches, Firewalls, and VPN
• Working knowledge of Security Controls
• Working knowledge of Secure Configurations and Hardening
• Working knowledge of DevSecOps processes
• Working knowledge of Security Architecture

3. ABILITIES REQUIRED:

• Ability to think creatively, learn dymanically and solve problems effectively
• Ability to communicate effectively, including writing, listening, and speaking
• Ability to perform effective time management
• Ability to self-motivate and work efficiently with limited supervision
• Ability to lead presentations to technical and non-technical audiences

HealthStream is an equal opportunity employer. HealthStream prohibits employment practices that discriminate against individual employees or groups of employees on the basis of age, color, disability, national origin, race, religion, sex, sexual orientation, pregnancy, veteran or military status, genetic information or any other category deemed protected by state and/or federal law.