Why Mayo Clinic
Healthcare Information Security seeking candidates to fill a Security Architect position.
The Information Security Architect works closely with the Office of the Chief Technology Officer to ensure the proper security attributes are included in all enterprise architectures.
The Information Security Architect is a resource to identify and resolve technology related information security gaps based on the organization’s risk posture with guidance and input from peers. Specifically, the architect is knowledgeable, proficient and experienced in:
•Collaborates with others in evaluating, and supporting the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
•Collaborates in developing system concepts and works on the capabilities phases of the systems development life cycle; translates technology and environmental conditions (e.g., law and regulation) into system and security designs and processes.
•Conducts technology assessments and integration processes; provides and supports a
prototype capability and/or evaluates its utility.
•With oversight, works with others to provide technical guidance in situations where Mayo’s Legal department will need to address risk, compliance, or 3rd party interaction.
•Implementing the cybersecurity program of an information system or network; including managing information security implications within the organization, specific program, or other area of responsibility, to include strategic, personnel, infrastructure, requirements, policy enforcement, emergency planning, security awareness, and other resources.
•Applies knowledge of data, information, processes, organizational interactions, skills, and analytical expertise, as well as systems, networks, and information exchange capabilities to provide guidance to Mayo’s projects.
•With collaboration, architects and designs defensive measures with information collected from a variety of sources to identify, analyze, and report events that occur or might occur within the network or information systems.
•Performs assessments of systems and networks within the network environment or enclave and identifies where those systems/networks deviate from acceptable configurations, enclave policy, or local policy. With mentorship, measures effectiveness of defense-in-depth architecture against known vulnerabilities.
Additional qualifications may apply (see additional experience and/or qualifications)
Bachelor’s degree in Information Security Computer Science, or related major and a minimum four (4) years’ experience in the information security field required, OR Master’s degree and two (2) years’ experience in the information security field.
This vacancy is not eligible for sponsorship/ we will not sponsor or transfer visas for this position.
The Information Security Architect also requires the following skills/abilities.
•Consulting with customers to gather and evaluate functional requirements and translates these requirements into technical solutions. Provides guidance to customers about applicability of information systems to meet business needs.
•Provides input on processes and tools that enable the organization to identify, document, and access intellectual capital and information content.
•Performs cyber security work.
•Helps to identify and assess the capabilities and activities of cyber security criminals or foreign intelligence entities; produces findings to help initialize or support law enforcement and counterintelligence investigations or activities.
•Applying current knowledge of one or more regions, countries, non-state entities, and/or technologies.
License or certification
Must have one of the following certifications (or equivalent) at time of hire. In lieu of certification at time of hire, candidate must pass the exam within two years and complete the certification process once years of service requirements of the certifying body have been met. •CISSP •GIAC •CISM •HCISPP •OSCP.
Education, experience and tenure may be considered along with internal equity when job offers are extended. The minimum salary every 2 weeks is approx $3,518 based on a full-time position.
Hours / Pay period
*This position is approved for full time telework.*
Monday - Friday, 8a-5p.
This vacancy may be open to full time telework candidates within the U.S./ reasonable travel to a Mayo facility if ever a business need/ meeting or client-facing.
IT and Engineering
Job posting number
Equal opportunity employer
As an Affirmative Action and Equal Opportunity Employer Mayo Clinic is committed to creating an inclusive environment that values the diversity of its employees and does not discriminate against any employee or candidate. Women, minorities, veterans, people from the LGBTQ communities and people with disabilities are strongly encouraged to apply to join our teams. Reasonable accommodations to access job openings or to apply for a job are available.