Sr. Cloud Security Architect

Change Healthcare
Woodbridge, VA
Jul 30, 2021
Aug 02, 2021
Full Time
TitleSr. Cloud Security ArchitectOverview of PositionThe Sr. Cloud Security Architect is a thought leader responsible for consulting with IT and Business Units on complex and highly visible technology initiatives across the enterprise. This includes the review and evaluation of new IT technical proposals, application designs, and third party tools and services.A' In addition, this role is responsible for the identification and communication of risk, enumeration of security controls necessary to ensure solutions are released in a safe and secure manner as well as compliant with Security Policies & Standards and regulatory requirements while enabling our Business.What will be my duties and responsibilities in this job?Provide consulting services, guidance, and best practice advice to Business Units and IT Teams across the enterpriseReview and assess strategic solution proposals, application and system designs, and identify and communicate the security controls necessary to ensure our data, processes, intellectual property, and brand are secure while enabling Business; identify alternative solutions and mitigating controls when necessaryRepresent Security on complex and high visibility technology initiatives; be a strong technologist with a pragmatic view and a creative mindEducate internal customers on security risk and best practicesLead through influence and communicate effectively with a demonstrated understanding of business and technical requirementsDevelop and enhance security policies & standards, based on sound security architecture practicesCollaborate with other security architects and security practitioners, IT architects, engineers, developers, application owners and senior managementPassionate mentor of Information Security staffWhat are the requirements needed for this position?College degree or/equivalent and 10 years related work experienceSecurity certification (CISSP, CISM, ETC) Cloud Security-related certifications (AWS, Google, Azure)7+ years of experience in Security Architecture and Security Engineering3+ years of experience in a consultancy role evaluating system and application designs and providing technical security guidance and direction5+ years of increasing responsibility in architecting, securing and delivering cloud applications and solutions within AWS, Azure and GCP Cloud platformsHands-on experience as an engineer or architect with commercial cloud technologies to include AWS, Azure and/or GCPExperience designing and implementing cloud security, including creating artifacts, models, and strategy presentationsExperience performing security design reviews to assess security implications of new technologies introduced in cloud environmentsExpert level security experience with the following:Full stack IT infrastructureAssessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (application development, data protection, cryptography, key management, identity and access management (IAM), network security)Cloud-native and industry standard authentication mechanisms (Cognito, OAuth, OpenID, etc.)Deployment orchestration, automation, and security configuration management (Cloud Formation Template, Puppet, Chef, ArcSight, etc.)Cloud security and governance toolsEnterprise applications (architecture, development, support, and troubleshooting)Performing threat modeling and design reviews to assess security implications and requirements for introduction of new technologiesRepresenting multiple technical viewpoints to diverse audiences in support of risk based technical decisionsA' What other skills/experience would be helpful to have?Ability to perform deep dive technical risk based analysis and provide direction and guidance on architectural use cases and requirementsExperience with the assessment, implementation, management and documentation of a broad set of information security technologies and processes (application security, data protection, access management, network security) within a cloud environmentSolid understanding of the end-to-end information technology (IT) process, including architecture, design & engineering, implementation, and operationsExceptional verbal communication and technical writing skills; able to build and deliver executive level presentations to include recommendations and solutionsExcellent leadership skills; collaborate with and influence others to achieve desired resultProven ability to solve complex technical problemsExcellent organizational skills and attention to detailThorough understanding of SDLC methodologies including AgileExperience with HITRUST, PCI, or FISMA regulatory controlsExperience with securing PHI, PCI and PII dataJoin our team today where we are creating a better coordinated, increasingly collaborative, and more efficient healthcare system!A' Equal Opportunity/Affirmative Action Statement Change Healthcare is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, genetic information,A' national origin, disability, or veteran status. To read more about employment discrimination protections under federal law, read EEO is the Law at and the supplemental information at you need a reasonable accommodation to assist with your application for employment, please contact us by sending an email to applyaccommodations@A' with "Applicant requesting reasonable accommodation" as the subject. Resumes or CVs submitted to this email box will not be accepted.Click here view our pay transparency nondiscrimination policy.California (US) Residents: By submitting an application to Change Healthcare for consideration of any employment opportunity, you acknowledge that you have read and understoodA' Change Healthcare's Privacy Notice to California Job Applicants Regarding the Collection of Personal Information.Change Healthcare maintains a drug free workplace and conducts pre-employment drug-testing, where applicable, in accordance with federal, state and local laws.