Chief Security Architect

This role presents a rare opportunity to provide cybersecurity leadership for the $3 trillion U.S. healthcare industry. We’re looking for a uniquely qualified individual to lead broad, impactful industry-scale cybersecurity initiatives, including the development and adoption of a cybersecurity trust framework that will form the foundation for secure interoperability among medical devices and systems in multi-vendor environments. The Chief Security Architect reports to the Chief Technology Officer.

The Center for Medical Interoperability is a 501(c)(3) cooperative research and development lab founded by health systems to simplify and advance data sharing among medical technologies and systems. We provide a centralized, vendor-neutral approach to performing technical work that enables person-centered care, testing and certifying devices and systems, and promoting the adoption of scalable solutions.

A strong, adaptable, collaborative thought leader with deep knowledge of designing cybersecurity architectures and operational experience in the application of cybersecurity technologies for healthcare systems. This individual must be able to lead teams and efforts in a multi-stakeholder, multi-contributor technology development environment. The ideal candidate will also demonstrate critical thinking abilities to identify and solve complex problems and author creative technical solutions. An agile communicator who can simplify and clearly present complex technical concepts to executive audiences, and participate in rich technical discussions. A disciplined executor who can predictably move from conceptualization through planning and implementation.

• Master’s degree in Telecommunications, Computer Science, Engineering, or similar and a minimum of 10 years’ experience with development and application of cybersecurity solutions for healthcare or similar environments (or equivalent in education/experience)
• Deep knowledge of cryptographic techniques, systems, and associated operational methodologies for the protection of critical devices and systems, including digital identities (e.g., X.509 certificates and keys), PKI, blockchain, authentication, transport security, standard encryption and hashing algorithms (e.g., AES, RSA, ECC, SHA) etc.
• Working knowledge of the healthcare IT environment and associated protocols (e.g., HL7, IHE PCD, HL7 FHIR, IEEE 11073 series) preferred, including legal and compliance requirements
• Deep knowledge of cybersecurity threats, risk management frameworks, vulnerability management, recommended mitigation and recovery solutions, and guidelines (e.g., NIST, FDA, IETF); knowledge of supply chain risk management
• Experience with secure coding practices, secure software update, and bug reporting
• Ability to think creatively and innovatively tackle difficult challenges
• Ability to communicate effectively and work collaboratively with both technical and non-technical personnel
• Excellent time and task management skills; willingness to travel up to 25%

Do you meet these requirements? Do you have a yearning for learning, the resilience to adapt to make a difference in health care? If so, please contact us!