Information Security Architect III
Availity delivers revenue cycle and related business solutions for health care professionals who want to build healthy, thriving organizations. Availity has the powerful tools, actionable insights and expansive network reach that medical businesses need to get an edge in an industry constantly redefined by change.
The Information Security Architect III is primarily responsible for leading the design, development, engineering, implementation oversight and maintenance of the enterprise platforms and initiatives as part of a larger architectural and security strategy across the enterprise. This is a hands on position that requires someone who has a great deal of systems engineering and solutions architecture experience together with a very deep understanding of cybersecurity and ethical hacking. They will also be required to carry out other Information Security related activities and projects as specified by management.
- Designs and develops middleware-tier solutions to support enterprise application systems and security
- Attends design and application architectural reviews and actively leads the discussions from a best practices and security architecture perspective
- Evaluates new technology & trends, and makes recommendations to strengthen the enterprise services for both security and business needs.
- Support DevSecOps to operationalize and automate security tools integrated with DevOps processes.
- Assist in the development of the company's security programs
- Research the threat landscape as it relates to Availity and its services.
- Ensure that system security requirements are identified early on and are being implemented into all projects.
- Evaluates internal systems and implementation activities for possible vulnerabilities.
- Adheres to all policies and procedures concerning all confidential information including but not limited to internal use and restricted information, including Protected Consumer Information (PCI) and Protected Health Information (PHI)
- Assisting with project management for information security projects related overall security objectives and programs.
- Strong relationship management and collaboration skills requirements and functional specifications for application development
- Responsible for coaching and mentoring others
- Ability to establish and maintain effective working relationships, supporting company leadership and other team members
- Ability to work under pressure. Maintains composure and professionalism in an interrupt-driven environment
- Ability to manage multiple and changing priorities/tasks
- Must be flexible and embrace change
EDUCATION AND EXPERIENCE
- Bachelor's degree in Computer Science or a related technology field or equivalent in comparable work experience within the development or security field.
- 10+ years of software development experience in Java, C#, or other OOP languages.
- 10+ years of progressive work experience designing and architecting applications and process to service business and security needs.
- Extensive experience with connectivity technologies across multiple protocols, such as HTTP(s) with RESTful and SOAP APIs.
- Broad experience with application, network and information systems security.
- Design experience with n-tier architectures (Data Access, Business Logic, and UI)
- Transactional database and SQL experience (Oracle, MSSQL, MySQL).
- CEH, CISSP, CSSLP, GMON, GCIA, GWAPT, Certification preferred or equivalent University degree such as Masters in Cybersecurity.
SKILLS AND KNOWLEDGE
- Familiarity with the OWASP Top Ten.
- Knowledge of API Gateways and the OpenAPI (Swagger 2.0) API specification.
- Commitment to good Software Engineering practices: Test Driven Development, Code Reviews, Documentation, Git for Source Control.
- Understanding of and experience in protecting web applications against common web exploits such as XSS, SQL Injection, CSRF, etc.
- Experience using CI/CD tools such as Jenkins and package management tools such as Artifactory, npm, browser and gulp.
- Broad knowledge of Enterprise Software Engineering and systems integration.
- Broad knowledge of Enterprise Infrastructure concepts and best practices
- SOA architecture and web services internals experience.
- A working knowledge of Identity management tools and SAML integrations.
- Experience with Active Directory and windows system architecture
- Experience with IaaS, PaaS, and virtualization implementations
- Ethical hacking and application security testing experience.
- A working knowledge of Encryption and PKI solutions.
- Excellent communication skills; must be able to interface with all levels of the organization.
- Open-minded, adaptable and passionate about learning
- Proven ability to merge tactical objectives with strategic plans for the organization to satisfy short term needs and achieve long term goals and successfully implement those plans.
Availity is an equal opportunity employer and makes decisions in employment matters without regard to race, religious creed, color, age, sex, sexual orientation, gender identity, gender expression, genetic information, national origin, religion, marital status, medical condition, disability, military service, pregnancy, childbirth and related medical conditions, or any other classification protected by federal, state, and local laws and ordinances.
NOTICE: Federal law requires all employers to verify the identity and employment eligibility of all persons hired to work in the United States. When required by state law or federal regulation, Availity uses I-9, Employment Eligibility Verification in conjunction with E-Verify to determine employment eligibility. Learn more about E-Verify at http://www.dhs.gov/e-verify.
Meet Some of Availity's Employees
Sarah ensures clear cross-team communication in order to achieve across-the-board product creation consistency through proper architecture and design principles and procedures.
Back to top