Job Description

How is this team contributing to the vision of Providence?

Cybersecurity (CYBR) is committed to appropriately protecting all information relating to its caregivers and affiliates, as well as protecting its confidential business information (including information relating to its caregivers, affiliates, and patients).

What will you be responsible for?

• Own, deliver and continuously improve the global Security Architecture strategy, capabilities, and services in the OT/Clinical domain.
• Own and drive security for Medical/Healthcare Control System (MCS/HCS) in hospitals, clinics, and labs according to enterprise security frameworks and policies.
• Ensure that OT/Clinical platforms/solutions are securely architected, designed, built/configured, modified/changed, tested, and deployed as per defined policies, standards, and industry good practices.
• Ensure continuous consistency to applicable compliance, regulatory, and legal frameworks for the OT/Clinical infrastructure at hospitals, clinics, and labs within the Security Architecture scope.
• Contribute to development and maintenance of the security capability, strategy, roadmaps, and governance of OT/Clinical platforms/solutions. Collaborate with other Security Architects to align domain strategy and roadmaps.
• Be a member of technical architecture and design authority teams providing in-depth expertise to [1] overall platform/solution security topics, [2] required Threat Modelling and Security Assessment methodologies, and [3] threat/risk remediation tools and techniques.
• Have a thorough understanding of complex IT systems and technical security concepts and stay up to date with the latest security standards, systems, and protocols, as well as best practice security products.
• Partner, collaborate and build trust relationship with different departments, leaders, stakeholders, vendors, agents, and business operations personnel.
• Positively influence functional leadership, technology owners, project managers, other architects, engineers, and developers in meeting required security standards.
• Provide thought leadership on new and industry-leading enterprise-class Security solutions, capabilities, and services.

What would your day look like?

• Take on technical security leadership for platform/solution implementation and transformation projects in the OT/Clinical domain.
• Demonstrate security architecture conceptual skills, solutions delivery, and decision making, incorporating sound security principles, and emerging technologies to securely design and implement enterprise solutions.
• Identify, develop, and enforce technical security standards and procedures, and secure architecture and design patterns.
• Develop security architecture, design, and blueprints for the target state, and ensure their effective elaboration, validation, and communication within the projects and stakeholders.
• Collaborate closely with other Security Architects and IT Architects on platform/solution security related matters.
• Conduct awareness sessions on cyber security threats to OT/Clinical infrastructure and the importance of secure architecture and compliance.
• Perform readiness audits and support internal and external auditing of security policies in hospitals, clinics, and labs. Report on platform/solution security status.
• Identify major platform/solution deficiencies and define/craft pragmatic approaches on how to remediate them at scale.
• Investigate and report suspected breaches in OT/Clinical and IT infrastructure.
• Advise and work with OT/Clinical system owners and vendors to design and configure systems that meet security requirements, while balancing security and user experience.
• Drive implementation of OT/Clinical security controls in hospitals, such as network segmentation and threat detection.
• Drive new technology/product evaluations through Proof of Concept (PoC) with other architects/engineers.
• Review technology objectives for OT/Clinical programs and services and make recommendations for their security requirements.
• Establish and provide specialist consultancy on Medical/Healthcare Control System (MCS/HCS).
• Evangelize and promote IT Security culture across the organization.
• Drive accountable areas for results. Take ownership of the environment, teams, operations, initiatives, and projects within areas of accountability, sometimes in ambiguous circumstances.

Who are we looking for?

• 4-year University (Bachelor\'s) degree in Computer Science, Information Technology, or STEM fields, or equivalent experience.
• 10+ years of Information Systems experience. 5+ years as Security Architect. 3+ years of OT/Clinical Security experience.
• Thorough knowledge of Information Security, Compliance, Risk, Data Privacy, and Security Architecture for platform/solution and security elements within OT/Clinical environments.
• Working knowledge of OT/Clinical infrastructure, platforms/solutions, and security requirements.
• Familiarity with Medical/Healthcare Control System (MCS/HCS) concepts and technologies.
• Working knowledge of Threat Modelling and relevant Security Assessment methodologies, (including configuration review, cloud workload security analysis and Penetration Testing).
• Strong technical aptitude, attention to detail and high commitment to quality.
• Extensive experience and excellent judgment to plan and accomplish goals on complex issues where analyses of situations or data requires an in-depth evaluation of variables.
• Solution oriented, can define various pragmatic alternatives leading to appropriate platform/solution security results.
• Strong communicator with deep technical security skills and a pragmatist who can think outside the box.
• Experience working in a multi-vendor environment by working closely with vendors and making full use of their capabilities.
• Proven experience to initiate and manage projects that will affect other divisions, departments, and functions, as well as the corporate environment.
• Ability to perform work independently with a high degree of initiative and problem-solving skills.
• Working knowledge of relevant IT and OT/Clinical security standards (ISO/IEC 27002, ISO/IEC 27032, NIST SP 800-53, 1800-24 and IEC 62443) and vulnerabilities.
• Preferred GICSP, GCIP, CISSP, or equivalent Information Security certifications.
• Preferred TOGAF, Open CA, SABSA, or equivalent Technology Architecture certifications.

Providencene
Providence\'s vision to create \'Health for a Better World\' aids us to promote individuality, diversity of thought and background, and acknowledge its role in the organization\'s success. This makes us committed towards equal employment opportunity regardless of race, religion or belief, color, ancestry, marital status, gender, sexual orientation, age, nationality, ethnic origin, pregnancy, or related needs, mental or sensory disability, HIV Status, or any other category protected by applicable law.We strive to address all forms of discrimination or harassment and provide a safe and confidential process to report any misconduct.
Contact our also, read our .
Providence

At Providence, we not only acknowledge differences but also honor it. We appreciate differences related to the following factors but not limited to background, education, gender, age, generation, religious background, ability, technical skills in all our employment related opportunities.

Health is a human right

Providence India