Lead Cybersecurity Architect
At Delta Dental, our strategy is only as strong as the people who execute it! We are hiring individuals that are not just right for today but also for our future. We have built a foundation of high-trust by treating all people with dignity, making and keeping commitments, and consistently striving to do the right thing. Our leaders optimistically share future possibilities to inspire and motivate others toward their full potential. We expect our employees to find ways to embrace positive change, be curious and challenge the status quo, and provide solutions to unmet problems. Joining Delta Dental means joining a culture focused on fostering development, building genuine connections, recognizing each other’s strengths and sharing in successes.
The incumbent in this position is responsible for engaging IT projects to prescribe protection measures for new and redesigned IT solutions, identifying pre-production technical security control deficiencies, subscribing IT solutions to enterprise technical security platforms, developing and maintaining a technical controls framework, and designing technical hardening standards.
The incumbent will work with the project team to define the scope, work effort, and deliverables for the security engineering engagement and will oversee multiple engagements executing in parallel. In addition to being an individual contributor, the Lead Cybersecurity Architect has overall responsibility for delivering multiple technical design engagements on-time and on-budget and is expected to effectively exercise leadership and guidance to enable the team’s success.
This role is also responsible for the continued improvement and development of the Secure IT Solution Development service. This individual must be able to draw from a deep background in enterprise technology and security principles and solutions, as well as their understanding of the business, to articulate and discuss identified business risks and various options for mitigating those risks. The incumbent should have a breadth of technical experience and some leadership/client service expertise as the role requires constant communication and customer interfacing.
How you will make an impact:
- Designs builds and guides a team that ensures the security of enterprise data and systems by specifying requirements for technical security controls for all enterprise information technology development initiatives.
- Develops a capability to design, implement, and continuously update a technical security control requirements model supporting enterprise information security policies and standards, enterprise technology strategy, enterprise technology architecture and patterns, information security industry best practices, emerging information security technologies, and relevant laws and regulations (e.g. HIPAA, Sarbanes-Oxley, GLB, and others.)
- Develops a capability to evaluate the architecture and design of existing and proposed information technology systems against the enterprise technical security control requirements model. Enables the organization to identify any gaps between specific technical security requirements and the architecture of a given system and provide detailed technical recommendations on appropriate design or architecture improvements.
- Develops a capability to assist the organizations responsible for the architecture, design, implementation, and deployment of technical security controls by providing virtual team resources and knowledge sharing to enterprise information technology development initiatives.
- Develops a capability to verify that the requirements for technical security controls were addressed correctly and that all recommendations were implemented effectively (this includes collecting necessary information, verifying the accuracy of the information, testing the solution, and building an assurance argument).
- Serves as a cybersecurity subject matter expert, assessing the business impact of cybersecurity risks to the enterprise and identifying options and recommendations for mitigating those risks.
- Identifies security control requirements for technology initiatives and deliver effective and practical solutions to meet those requirements in alignment with the overall objectives of the project and the business.
- Works with Enterprise Architects and other functional area architects and security specialists to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently and support business objectives.
- Serves as an expert in platform, application, storage, network, virtualization, cloud, and mobile security best practices.
- Exercises thought leadership in the creation and maintenance of security architectures/design patterns.
- Develops technical designs for a project to meet information security requirements based on approved security architectures/design patterns.
- Provides resource planning and engagement management.
- Communicates cybersecurity risks and solutions to various technical and non-technical audiences and levels of management.
- Maintains communication with management regarding development within areas of assigned responsibilities and perform special projects as required or requested.
- Develops strong working relationships with and offers continuous assistance and thought leadership to other leaders in the information technology organization.
- Continuously tracks and reports the status of all capability development and service delivery efforts through boardroom-quality visual communication deliverables.
- Educates, coaches, and mentors all members of the team on technical, interpersonal, team dynamics, company policy & procedure, enterprise business model and other topics.
What we look for:
- Bachelor’s or Master’s Degree in Computer Science, Information Systems, or another related field (or equivalent work experience).
- A widely-recognized technical certification such as GIAC or CISSP is strongly preferred.
- Minimum of 8 years of hands-on experience in the information security field with expert knowledge of the platform, application, storage, data, network, virtualization, cloud, and mobile security.
- Minimum of 2 years of experience in information security solution engineering or security service delivery.
- Minimum of 2 years of leadership experience with planning and managing security engagements and/or leading a team of technical resources.
- This role will require the management of several (2 to 4) concurrent large-scale enterprise-wide information technology capability development projects.
- Strong working understanding of enterprise technologies, operations, and architectural principles and models.
- Knowledge of virtualized data center architectures and operations, SOA-type deployments, web services, and multi-tier web applications, and technologies supporting intranet, extranet, and remote access services.
- Ability to evaluate disparate IT system architectures and designs in real-time and recommend appropriate security control and countermeasure solutions.
- Strong working understanding of contemporary security theory and application (including vulnerabilities, exploitation techniques, and attack vectors).
- Knowledge of laws, regulations, and standards relevant to the US Healthcare industry.
- Externally recognized information security industry thought leadership and innovation accomplishments desired but not required.
- Knowledge of HIPAA, Diversity Principles, Corporate Integrity, Compliance Program policies, and other applicable corporate and departmental policies.
Benefits and perks:
- 12 days starting vacation plus 11 holidays and your birthday off!
- Multiple medical insurance options: 100% paid or low cost premiums
- 100% paid dental insurance
- 100% paid vision insurance
- Onsite gym and/or gym discount and fitness incentive
- Culture of learning: substantial tuition reimbursement to improve your skills
- Career growth: we love promoting from within
- Strong commitment to work/life balance
- Social responsibility and volunteer opportunities
At Delta Dental we:
Promote accountability, integrity and collaboration: Our employees are collaborative, self-aware, and ethical. It is our expectation to do the right thing and follow through on commitments.
Foster professional development: Our employees take ownership of developing themselves and others through coaching, mentoring and providing/being open to constructive feedback and identifying learning opportunities.
Value customers and cultivate positive experiences: Our employees take time to build rapport with customers, while anticipating and exceeding their needs to ensure positive outcomes.
If you think this sounds like you, let’s chat. We would love to tell you more!
ABOUT Delta Dental
Delta Dental covers more Americans than any other dental benefits provider. As an employee you’ll take part in our mission to become the trusted health partner by collaborating with our communities and employees to reimagine and deliver new possibilities in an ever-changing environment. Our Enterprise Strategy focuses on pillars of Growth and Diversification, supported by the platforms of Culture and People, Process and Technology. Our employees take pride working for a purpose-driven organization and live our values of Trust, Service, Excellence and Innovation.
We are part of the Delta Dental Plans Association, a network of companies that provides dental coverage to 74 million people in the U.S. Delta Dental of California, Delta Dental of New York, Inc., Delta Dental of Pennsylvania and Delta Dental Insurance Company, together with our affiliate companies, form one of the nation’s largest dental benefits delivery systems, covering 33 million enrollees. All of our companies are members, or affiliates of members, of the Delta Dental Plans Association, a network of 39 Delta Dental companies throughout the country.
Delta Dental provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, national origin, age, disability or genetics. In addition to federal law requirements, Delta Dental complies with applicable state and local laws governing nondiscrimination in employment in every location in which the company has facilities. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.