The Senior Cybersecurity Architect is responsible for managing cybersecurity engagements and delivering cybersecurity architecture services for all technology change initiatives. The person in this role will work with business and IT teams to define the scope, work effort, and deliverables for the cybersecurity engagement and will oversee multiple engagements executing in parallel. The Sr Cybersecurity Architect is overall responsible for meeting or exceeding engagement expectations and is expected to effectively exercise leadership and guidance to enable the team’s success. This role is also responsible for the continued improvement and development of the service, including developing cybersecurity technical standards and architectural patterns. This person must be able to draw from a deep background in enterprise technology and security principles and solutions, as well as their understanding of the business, to clearly articulate and discuss identified business risks and various options for mitigating those risks. Communicates cybersecurity risks and solutions to business partners and IT staff as needed.
Responsibilities:
Identifies cybersecurity control requirements for technology initiatives and designs effective and practical solutions to meet those requirements in alignment with the overall objectives of the project and the business.
As a cybersecurity subject matter expert, assesses the business impact of cybersecurity risks in the enterprise and identifies options and recommendations for mitigating those risks.
Contributes to the development and maintenance of cybersecurity architecture and strategy.
Develops and gains a broad understanding of the business operations and their characteristics with a view to delineating those that may have Cybersecurity implications.
Evaluates and develops secure solutions based on approved security architectures.
Works with other functional area architects and cybersecurity specialists to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently and support business objectives.
Communicates cybersecurity risks and solutions to various technical and non-technical audiences and levels of management.
Leads and participates in resource planning and engagement management.
Leads and participates in service development and improvement.
Communicates and interacts effectively and professionally with co-workers, management, internal and external customers, and partners.
Complies with policies and other applicable corporate and departmental policies.
Performs duties in accordance with Penn Medicine and entity values, policies, and procedures.
Other duties as assigned to support the unit, department, entity, and health system organization
Education/Experience:
Bachelor’s Degree (Required)
10+ years of Information Technology and cybersecurity experience, with a minimum of 3 years within cybersecurity (Required)
3+ years Cybersecurity architecture and solution design (Required)
Skills & Abilities:
Demonstrated interpersonal/verbal communication skills
Demonstrated customer service skills
Ability to communicate effectively with all levels of staff
Expert knowledge of cybersecurity applied to cloud, data, applications, platforms, operating systems and network
Strong working understanding of cybersecurity architectural principles and models
Ability to develop cybersecurity standards and patterns
Ability to navigate a matrixed environment and building cross-functional relationships
Organized, process-oriented and able to manage multiple concurrent work streams
Excellent written and verbal communication skills. Must be able to effectively communicate technical
Strong understanding of systems development lifecycle to lead multifunctional projects or initiatives.
Knowledge of laws, regulations, and standards relevant to the healthcare industry
