Job#: 1363881Job Description:Apex Systems is partnered with one of local clients, who is looking to add talent to their existing Cyber Security Team, who reports directly into the Office of the CTO. We are looking to add both experienced Cyber Security Architects and Cyber Security Engineers who are ready to make that next step into Architecture role. Whether you have Engineer/Analysis or Architecture experience, we have room for you. We are looking for talented Cyber Security individuals who have experience being a part of new tools/techniques adoption/integration. This team focus a lot of new tool integration as opposed to simply operational and remediation (will also be a part of those processes too).Job Summary:The Cybersecurity Engineer/Architect will be responsible for designing and implementing robust security solutions to protect our system integrity and data as well as safeguarding our patients from potential cyber threats. Perform security reviews, identify gaps in security architecture, and develop a security risk management plan. Define and document how the implementation of a new system or new interfaces impacts the security posture of the current environment. Evaluate security architectures and designs to determine the adequacy of security controls or response to requirements contained in acquisition documents. Plan, design, test and enhance the operational security and resiliency of our computers, VoIP, network infrastructure, backups and network connected medical devices. Your expertise in cybersecurity and in-depth knowledge of industry best practices will be vital in safeguarding our systems, networks, and data.Location:Philadelphia, Pennsylvania19124
Hybrid: Onsite Tues/Wed/ThursJob Responsibilities
Systems Security Architecture - Cybersecurity Architect
Evaluates our current architecture to assess security gaps, security misconfigurations and design flaws. Ensures security controls are functioning cohesively across platforms and technology. Recommends and provides risk mitigation alternatives for short term and long term fix.
Collaborates with technology vendors and industry leaders to identify strategic and innovative uses of security solutions and technology to drive operational excellence, enable academic medical research and reduce operational risks.
Designs security controls to protect identities information. Maintains adequate data confidentiality, data integrity and systems availability while balancing the needs of our customers and businesses.
Maintains data flow diagrams, network diagrams and other documentation that is relevant to Cyber security.
Influences and partners with relevant infrastructure departments to design a core architecture with security best practices and the ability to support Internet of Things (IoT), Medical Internet of Things (MIoT) and Building Automation Systems securely.
Planning and Organizing - Cyber Security Architect
Plans effectively to ensure that all work is completed accurately and efficiently.
Determines project/assignment requirements by breaking them down into tasks and identifying types of equipment, materials, and people needed; develops timelines and milestones.
Regularly reassesses priorities and competing demands and adjusts allocation of time and resources to increase efficiency and effectiveness.
Supports the continuous improvement of standard form agreements, legal processes and policies, and contract management.
Serves as a subject matter expert on cybersecurity matters, providing guidance and support to both technical and non-technical teams.
```{=html}```
- Cyber Security Architect
- Responsible for all phases of the project life cycle, system design and configuration, work plan development, operational redesign, end user support, and optimization.
- Develops a d executes a coordinated communication plan for project activities, serves as the primary communicator for all projects within the initiative.
- Formulates, organizes, and monitors inter-connected projects and coordinates cross-project activities.
- Stays current on information security trends, threats, and maintain industry knowledge of security solutions to detect and mitigate cyber security risks.
- Assesses the security state of technical infrastructure across the entities and recommends how to layer security solutions or available features to balance information security, user experience and achieve redundancy.
- Designs, implements, and maintains security controls, including firewalls, intrusion detection and prevention systems, data loss prevention mechanisms, and encryption protocols
- Develops and maintains 3-year security roadmaps based on business objectives, business value, risks, industry trends, innovation, existing, new and expanding capability requirements, and future state technology lifecycle plans.
- Works with IS&T leadership and managers to develop a strong LCP (Life Cycle Plan) Portfolio of infrastructure technologies and technology assets with information security considerations built into the LCP.```{=html}```
- Analytical Thinking
- Analyzes and synthesizes complex or diverse information.
- Collects and researches data.
- Uses intuition and experience to complement data.
- Identifies data relationships and dependencies.
- Designs workflows and procedures.Education/ Licenses/Certifications
Bachelors Degree in Computer Science, Information Security, or related field (Preferred)
Masters Degree: in Computer Science, Management or related field (Preferred)
CISSP - Cert Info Sys Security Prof (Preferred)
GSE - GIAC Security Essentials (Preferred)
Experience Requirements
7-10+ years' of experience in IT related fields, with 5+ Years experience in Information Security practice
5 Years' experience in systems administration, architecting, developing, designing complex systems and networking
2+ years of experience with cloud security principles and practices (e.g., AWS, Azure, GCP) and securing virtualized environments
General experience and demonstrated understanding of cybersecurity principles, best practices, and industry standards, such as ISO 27001, NIST, and CIS Controls
General experience and understanding of encryption methodologies and strategies
General experience and working knowledge of network architecture, protocols, and security technologies, including firewalls, IDS/IPS, VPN, SIEM, and endpoint protection
Proficiency in security frameworks, such as MITRE ATT&CK and the Cyber Kill Chain
EEO EmployerApex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected