Sr. Director, Chief Cybersecurity Architect at Community Health Systems (Nashville, TN)

| Nashville, TN
Sorry, this job was removed at 3:27 a.m. (CST) on Sunday, June 12, 2022
Find out who's hiring in Nashville, TN.
See all Operations jobs in Nashville, TN
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Job Description

Community Health Systems is a leading operator of general acute care hospitals and outpatient care centers in communities across the United States. CHS affiliates own, lease or operate 83 affiliated hospitals in 16 states with an aggregate of approximately 13,000 licensed beds. Healthcare services are also provided in more than 1,000 outpatient sites of care including affiliated physician practices, urgent care centers, freestanding emergency departments, imaging centers, cancer centers, and ambulatory surgery centers.
Community Health Systems is a leading operator of general acute care hospitals and outpatient care centers in communities across the United States. CHS affiliates own, lease or operate 83 affiliated hospitals in 16 states with an aggregate of approximately 13,000 licensed beds. Healthcare services are also provided in more than 1,000 outpatient sites of care including affiliated physician practices, urgent care centers, freestanding emergency departments, imaging centers, cancer centers, and ambulatory surgery centers. Summary: As a senior member of Cybersecurity team, the chief cybersecurity architect reports to the Chief Information Security Officer (CISO), and plays an integral role in assessing and defining the organization's security strategy, architecture, and practices. The chief cybersecurity architect will lead a team and effectively translate business objectives and cyber risk management strategies into specific security processes enabled by security technologies and services, evaluate and incorporate emerging technologies in response to changes in the threat landscapes. This position will interact with senior leaders across the enterprise and acts as a trusted senior advisor, while performing all necessary duties to ensure the cybersecurity of CHS information assets. Working remotely may be an option. Key Responsibilities
  • Establish the cybersecurity architecture function, build the team, and recruit staff in collaboration with the CISO.
  • Define, develop and maintain a cybersecurity architecture process that enables the enterprise to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
  • Develop cybersecurity architecture strategy plans and roadmaps based on sound industry and enterprise architecture practices.
  • Develop and maintain cybersecurity reference architecture based on industry standards and a "fit" for CHS
  • Develop and maintain cybersecurity architecture artifacts (e.g., models, patterns, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.
  • Track developments and changes in the digital business and threat environments to ensure that they are adequately addressed in security strategy plans and architecture artifacts
  • Participate in product development, application and infrastructure projects to provide security-planning advice.
  • Draft security procedures and standards to be reviewed and approved by executive management and/or formally authorized by the CISO.
  • Determine baseline security configuration standards for operating systems (e.g., OS and platform hardening), network segmentation, identity and access management (IAM), data protection, and cloud services.
  • Develop standards and practices for application protection including APIs
  • Develop standards and practices for medical devices including IoTs
  • Develop standards and practices for data encryption and tokenization in the organization, based on the organization's data classification criteria.
  • Conduct or facilitate threat modeling of services and applications that tie to the risk and data associated with the service or application.
  • Ensure a complete, accurate and valid inventory of all systems, infrastructure and applications that should be logged by the security information and event management (SIEM) or log management tool.
  • Establish a taxonomy of indicators of compromise (IOCs) and share this detail with other security colleagues, including the security operations center (SOC), information security managers and analysts, as well as counterparts within the Enterprise Command Center (ECC).
  • Validate Cloud, IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risks, where applicable.
  • Validate security configurations and access to security infrastructure tools, including firewalls, IPSs, WAFs and anti-malware/endpoint protection systems.
  • Review network segmentation to ensure least privilege for network access.
  • Review security technologies, tools and services, and make recommendations to the broader security team for their use, based on security, financial and operational metrics.
  • Liaise with other security architects and security practitioners to share best practices and insights.
  • Other as may be assigned by the CISO
Key Duties:
  • Bullet points
  • Other duties as assigned
Key Competencies:
  • Strong oral and presentation skills.
  • In-depth knowledge of cybersecurity frameworks including but not limited to NIST CF, HITRUST CSF, ISO 27001.
  • Strong knowledge of laws and regulations including but not limited to PCI-DSS, and HIPAA-HITECH.
  • Experience in using architecture methodologies such as SABSA, Zachman, or TOGAF
  • Direct, hands-on experience or strong working knowledge of managing security infrastructure - e.g., firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), endpoint protection, SIEM and log management technology
  • Strong working knowledge of vulnerability management practices and tools
  • Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services.
  • Direct experience designing IAM technologies and services such as AD, LDAP, and/or AWS IAM
  • Strong working knowledge of IT service management - ITIL related services - Change Management, Configuration Management, Asset Management, Incident Management, Problem Management, etc.
  • Experience designing and securing applications and infrastructures in cloud environments such as GCP, AWS and/or Azure
Required Education, Certifications, and Experience
  • Bachelor's degree in Information Technology/Computer Science or related field required.
  • Minimum of ten years of experience in a related field required.

Physical Demands:

In order to successfully perform this job, with or without a reasonable accommodation, the following are outlined below:
  • The Employee is required to read, review, prepare and analyze written data and figures, using a PC or similar, and should possess visual acuity.
  • The Employee may be required to occasionally climb, push, stand, walk, reach, grasp, kneel, stoop, and/or perform repetitive motions.
  • The Employee is not substantially exposed to adverse environmental conditions and; therefore, job functions are typically performed under conditions such as those found within general office or administrative work.
More Information on Community Health Systems
Community Health Systems operates in the Healthtech industry. The company is located in Franklin, TN. Community Health Systems was founded in 1985. It has 10001 total employees. It offers perks and benefits such as Flexible Spending Account (FSA), Disability Insurance, Dental Benefits, Vision Benefits, Health Insurance Benefits and Life Insurance. To see all 39 open jobs at Community Health Systems, click here.
Read Full Job Description
Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.

Similar Jobs

Apply Now
By clicking continue you agree to Built In’s Privacy Policy and Terms of Use.
Save jobView Community Health Systems's full profileFind similar jobs