Lead Cyber Security Architect - Remote

US Remote Worker

The Emmes Company, LLC ("Emmes") is a global, full-service Clinical Research Organization dedicated to excellence in supporting the advancement of public health and biopharmaceutical innovation. We believe in the power of truth, so much so that we named our company Emmes, which means truth. Through decades of experience, we have learned that collaborative relationships thrive and human health benefits when the truth is our compass.

Our "Character Achieves Results" culture is driven by five key values that guide our actions in the way we conduct research and distinguish us as an organization: Integrity, Agility, Passion for Excellence, Collaborative Partnerships, and Intellectual Curiosity. We are a trusted partner to clients who share our passion for improving public health in a world of ever-changing scientific research.

If you share our motivations and passion for research, come join us! You will be joining a collaborative culture that empowers every Emmes employee — from entry-level through top executive — to contribute to our client's success by sharing ideas openly and honestly.

Primary Purpose

As the Lead Cyber Security Architect, you will be a technical leader that will be the main interface between Emmes' cyber security and network engineering teams. You will develop and maintain an understanding of Emmes' broad network architecture and: a) set the standards for cyber security across the infrastructure, b) evaluate the security of new initiatives and significant changes, c) identify cyber security control improvements and risks in the existing architecture, and d) assist with the prioritization and implementation of corrective actions to improve cyber security controls. You will be expected to design solutions to address the most complex technical challenges in the environment that also comply with stakeholder regulations, policies, and processes.

Responsibilities

Strategic

• Responsible for the cyber security vision, strategy, technology innovations, and architecture services of enterprise infrastructure and applications; design, document and implement a strategic roadmap for cyber security technologies.
• Recommend new architectural features into existing infrastructures, design cyber security architectural artifacts, provide architectural analysis and relate existing systems to future needs and trends.
• Involved in strategic technology planning and oversees solution architecture using and/or defining security protocols in the design, implementation, performance, and documentation of technologies and systems.
• Develop, update, and maintain security standards for networking, cloud, application development, etc.
• Coordinate with the Chief Information Security Officer and Chief Information Officer to align overall Emmes' cyber security objectives.

Solution Design, Development, and Deployment

• Ensure that appropriate technologies and protocols are applied when analyzing and translating business requirements into functional/technical specifications and designs.
• Ensure that architectures are compliant with GDPR, HIPAA, FISMA requirements and NIST SP800-53 controls, and associated standards or client requirements by establishing protection needs.
• Ensure that architectures are compliant with industry-accepted certifications such as ISO27001, SOC2, and/or HITRUST.
• Consult with network engineering and development teams to advise on security requirements and then document the implementation.
• Perform security reviews of solutions under development, identify gaps in the architecture, and develop security risk management plans for the solution.
• Design secure cloud architectures and services in coordination with cloud service providers and internal cloud-based solutions architects.

Implementation and Maintenance

• Participate in configuration management processes to ensure that architectural changes continue to meet protection needs and that new or changed risks are identified.
• Define objectives, technical requirements, and/or processes for the ongoing validation of network cybersecurity posture (e.g., security policy management, secure configuration management).
• Partner with third-party service providers and participate in third-party risk management effort to drive improvements in the security posture.
• Review Security Operations Center reports, threat reports, audit reports, and regulatory changes to identify and initiate risk prioritization and remediation.
• Monitor industry best practices and trends to support the ongoing development of cyber controls and remediate current and emerging cyber threats.

Risk Management

• Identify potential risks within solutions and networks, assess and document those risks, and work with other teams to resolve them.
• Verify that risks are tracked and remediated per the Risk Management Program.
• Conduct or participate in risk assessments

Experience

• Bachelor's degree in Computer Science, Cyber Security, Engineering, or related technical discipline
• Demonstrated ability to resolve issues related to assigned work projects of high complexity
• 8+ years of cyber security with at least the last 2 architecting security solutions
• Hands-on experience in application, technology risk management, or infrastructure security
• Experience in Network Security, Cyber Defense, Vulnerability Management, Security Architecture, and Cloud Environment
• Ability to work on multiple priorities effectively
• Highly motivated individual with the ability to self-start, prioritize, multi-task, and has a "can-do" attitude
• Strategic business acumen and understanding of organization strategy, with an ability to design cyber security solutions to fulfill that strategy
• Experienced in assessing a broad range of cyber security solutions and products
• Excellent communication skills with the ability to explain technical concepts to lay audiences
• Demonstrated knowledge of NIST 800-37, Risk Management Framework (RMF), and NIST 800-53 security controls.
• Knowledge of current threats and best practices in cyber security

Why work at Emmes?

At Emmes, your actions and hard work will have a direct impact on public health initiatives, both globally and in our local communities with opportunities for volunteerism through our Emmes Cares community engagement program. We offer a competitive benefits package focused on the health and needs of our growing workforce, including:

• Unlimited Approved Leave

• Tuition Reimbursement

• 401k & Profit Sharing Plan

• Work From Home Anywhere in the US

• Maternal/Paternal Leave

• Casual Dress Code & Work Environment

CONNECT WITH US!

Follow us on Twitter - @EmmesCRO

Find us on LinkedIn - The Emmes Company, LLC

The Emmes Company, LLC is an equal opportunity affirmative action employer and does not discriminate in its selection and employment practices. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, political affiliation, sexual orientation, gender identity, marital status, disability, protected veteran status, genetic information, age, or other legally protected characteristics.

Emmes is a federal government contractor and requires all employees to be fully vaccinated against COVID-19, to the extent permitted by applicable law. Individuals with medical conditions or sincerely religious beliefs or practices that prevent them from getting the vaccine may request an exemption from the vaccine requirement