Greenway Health Application Security Architect in United States
Greenway Health is one of the leading Healthcare IT Software and Services Provider with headquarter in Tampa, Florida. Greenway Architecture Office needs an Application Security Architect with primary focus on Healthcare Application Security.
The duties below outline the tasks and goals for which the Information Security Architect is responsible.
• Design, build and implement enterprise-class application security systems for a production environment
• Align standards, frameworks and security with overall business and technology strategy
• Identify and communicate current and emerging security threats
• Design security architecture elements to mitigate threats as they emerge
• Create solutions that balance business requirements with information and cyber security requirements
• Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
• Support the Security Programs that originate from Greenway’s Chief Compliance and Chief Information Security Office
• Support performing necessary audits, reviews to safeguard Greenway application landscape from all vulnerabilities
• Use current programming language and technologies to write code, complete programming and performs testing and debugging of applications
• Train users in implementation or conversion of systems
Experience, Skills & Competencies
• BA or BS in information security, engineering, mathematics, or related area. A Master’s degree in an IT field is a plus.
Five or more years of experience in:
• Security architecture, demonstrating solutions delivery, principles and emerging technologies - Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions, working with an information security team.
• Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
• Security considerations of cloud computing: They include data breaches, broken authentication, hacking, account hijacking, malicious insiders, third parties, APTs, data loss and DoS attacks.
• Identity and access management (IAM) – the framework of security policies and technologies that limit and track the access of those in an organization to sensitive technology resources.
Experience with and knowledge of the following:
• VB.NET, Java/J2EE, ColdFusion, API/web services, scripting languages and a relational database management system (RDBMS) such as MS SQL Server or Oracle. These are some of the technical elements needed to build security into an organization.
• Relevant National Institute of Standards and Technology (NIST) and HIPPA standards.
• OAuth and OpenID Connect Protocols and Standards
• Application and Database Encryption technologies (both at rest and in motion)
General skills include:
• The ability to be the enterprise security subject matter expert who can explain technical topics to those without a technical background
• Exceptional communication skills with diverse audiences - Strong critical thinking and analytical skills
• Strong leadership, project and team-building skills, including the ability to lead teams and drive projects and initiatives in multiple departments
• Demonstrated ability to identify risks associated with business processes, operations, information security programs and technology projects
• Certification in one of the following is strongly preferred (CISSP, CISM, CISA etc).
• Experience in Healthcare Industry, Electronic Health Records (EHR) systems and protecting patient information in compliance with the Health Insurance Portability and Accountability Act (HIPAA) is strongly preferred.