IT Security Architect – IS Security – Full Time 8 Hour Days (Exempt)(Non-Union)
Reporting to the organization's Chief Information Security Officer, the Information Technology (IT) Security Architect supports the overall vision of Keck Medicine's Information Security Program. The IT Security Architect is a skilled IT professional who uses deep knowledge of the IT environment and a risk-based approach to design and develop complex IT solutions. He / she serves as the primary liaison between the enterprise IT architects and the systems security engineering teams, coordinating with system owners and stakeholders on security control allocation. The IT Security Architect works closely with the CTO and CISO on security-related issues, including establishing system boundaries, assessing vulnerabilities, creating action plans, designing risk mitigation, and advising on potential adverse effects. This position leads IT security architecture activities for secure design, development, deployment, sustainment and decommissioning of IT systems supporting an academic medical center, ensuring effective security controls throughout the system lifecycle. The IT Security Architect communicates with and educates IT process owners on controls, leading practices, and compliance with Keck Medicine policy and regulatory requirements to reduce risk.
Essential Duties
- Develop and direct IT security architecture documentation and ensure privacy, compliance, and security requirements are met within system solution designs. Own and manage all security architecture processes and initiatives.
- Develop, implement, and maintain a strategic and tactical vision for Keck Medicine's IT system and enterprise architectures, as they relate to information security. Establish plans and procedures for assessment of new requirements and develop appropriate standards. Execute continuous process improvement on established architecture lifecycle processes.
- Assess risk in new architecture designs and ensure related risks are managed to the appropriate level of acceptable residual risk. Track risk throughout system lifecycles.
- Assist in reviewing and assessing security requirement adherence during system acquisition and integration. Evaluate proposed acquisition designs or system development documentation to ensure they are consistent with Keck Medicine's information security guidelines. Advise customers and stakeholders on security best practices and conduct risk-based analysis of alternatives that balances security, cost and organizational benefit.
- Work closely with users, organizational leaders, and IT colleagues to develop short-term (tactical) and long-term goals and forecasts and associated plans to improve security designs so that they meet anticipated needs. Align department goals with organizational vision and goals; communicate and dialogue with staff and organization regarding organizational services initiatives and to incorporate latest advances in security. Emphasize team and cross-departmental focus and behaviors.
- Coordinate with and advise senior management, CISO and CTO, on security architectures to support information technology (IT) security goals and objectives.
- Communicate the value of information technology (IT) security to stakeholders at all levels of the organization. Communicate effectively in writing when describing complex information security and IT concepts.
- Collaborate with the CISO to design / integrate an information security strategy that outlines the vision, mission, and goals that align with Keck Medicine's strategic plans.
- Apply risk-based methods, standards, and approaches for describing, analyzing, and documenting Keck Medicine's enterprise IT architecture.
- Assess and recognize vulnerabilities in security systems and recommend mitigation strategies to reduce risk.
- Apply organizational goals and objectives to develop and maintain IT architectures.
Required Qualifications
- Bachelor's Degree in Computer Science or related field
- 5 years minimum in Information Security
- 7 years minimum in an IT architecture role with strong emphasis on a customer service background (Healthcare and / or Academic industry preferred)
- Experience building project teams and driving change within an organization
- Experience meeting corporate policies, procedures and standards and regulatory requirements
- Strong leadership skills with a high level of drive and initiative
- Ability to work with minimal supervision
Preferred Qualifications
- Master's degree in Computer Science, Healthcare or Business preferred
- Project Management experience preferred
Required Licenses / Certifications
- Fire Life Safety Training (LA City). If no card upon hire, one must be obtained within 30 days of hire and maintained by renewal before expiration date. (Required within LA City only)
The annual base salary range for this position is $133,120.00 - $219,648.00. When extending an offer of employment, the University of Southern California considers factors such as (but not limited to) the scope and responsibilities of the position, the candidate's work experience, education / training, key skills, internal peer equity, federal, state, and local laws, contractual stipulations, grant funding, as well as external market and organizational considerations.