Cybersecurity Domain Architect is a key role in the Enterprise Architecture (EA) practice in MHealth Fairviews (MHF) IT department. As a member of the EA team, this role contributes to the development of an architected IT function for digital competency, by focusing on cybersecurity domain. This role applies MHFs EA practice methodology and framework to meticulously create architecture and plans, that simultaneously fit/inform architecture of the IT enterprise. This role is responsible to design security solutions that protect the business, but also allows the business to execute and innovate, and achieve the target posture and capabilities outlined in M Health Fairviews IT strategy. This position is also responsible for architecting solutions to secure business-to-business initiatives, third-party relationships, outsourced solutions and vendors. This role combines building effective partnership across IT domains, iterative long-range planning for IT strategy, expert guidance to address current domain operations but with the foresight to see where the industry is headed, formulate an ecosystem of solutions, partners and talent, and orchestrate projects to accelerate digital transformation across IT.
The Cybersecurity Domain Architect collaborates with other architects in the EA practice to develop a single, cohesive architecture and management plan for the IT enterprise, develops living architecture and repository for reference and use across MHF, and contributes to mature the EA practice. This role works closely with domain leaders and subject matter experts to develop target architecture and plan for the domain, presents the plan to management and explains why it is in the organizations best interest to pursue it, and helps to strategically source technologies, partners and talent that are needed to achieve target capabilities.
The Cybersecurity Domain Architect provides expert guidance to address current security issues, but has the foresight to see where the industry is headed and proactively deliver optimal secure solutions. This role is expected to think like an adversary and identify how solutions should evolve as the threat landscape changes. This role provides technical leadership to team members for delivery and solution design.
The Cybersecurity Domain Architect must be able to rapidly develop a strong understanding of IT strategy, business goals and operating constraints of the IT organization, and current state of the IT stack. As domain expert, this role must be able to synthesize architecture plan with an informed view of new and emerging technology solutions and flexible talent models to enable agile digital transformation in IT. This role must possess an executive presence and excellent interpersonal skills because this role will often lead via influence across multiple IT functions to drive new thinking and practices.
Understand and diligently apply MHFs EA methodology, framework and process to contribute to the development of a single, cohesive architecture for the IT enterprise.
Partner with CISO and other architects in EA practice to leverage MHFs EA framework to derive cybersecurity domain architecture priority from IT strategy.
Create architecture views, artifacts for architecture analysis and documentation, and management plan using the tools and templates prescribed by MHFs EA framework.
Lead EA review and analysis within the cybersecurity domain for architecture design and articulate choice points to CISO from both design and operations perspectives. Help CISO make vendor/product/service choices that align with domain KPIs and achieve target capability.
Upload architecture development plan and documentation into MHFs online living architecture and EA repository to enable reference and use across MHF.
Develop As-Is and To-Be views of cybersecurity domain as an integral component of architecture for the IT enterprise, including
Cybersecurity domain OKRs (objectives & key results) as derived from IT strategy and domain plan to achieve them.
Cybersecurity domain products and services, related processes and investment portfolio over a 3-year period.
Cybersecurity standards, policies, procedures and processes. Upload these standards into MHFs online living architecture and EA repository.
Systems and applications including back-end systems for monitoring and automation.
Technology landscape, technical design (high-level diagrams), and capacity required to provide services that achieve IT SLA/OLA levels.
Cybersecurity and IT standards that must be intrinsically applied in all domains to achieve IT architecture and operations competency.
Workforce plan required to originate, sustain and mature target capabilities and services.
EA peer-review and formal endorsement of solutions and designs to ensure paced architecture development and deployment across domains.
Remain current with new cybersecurity threats and assess systems to ensure they can defend the business. Stay on top of new and disruptive trends in the industry. Formally communicate trends to EA and CISO.
Partner with CISO to define scope of work within the domain, domain resources required and direct dependencies within cybersecurity domain to achieve intended target state. Work with EA and CISO to develop supplemental EA resource plan as necessary.
Apply CISOs final selection of vendor/product/service to develop detailed deployment plan over a rolling 18-month cycle to achieve To-Be architecture. Translate vendor technology roadmaps into domain roadmaps to ensure continuous improvements to domain operations, including cost-to-serve and other financial KPIs.
Maintain a collaborative relationship with key/anchor vendors whose products/services are critical to the domains ability to achieve service SLA/OLA.
Help CISO develop workforce strategy, including strategic sourcing, flexible talent pools and upskilling, required to achieve target state over 3-year period.
Help CISO develop and maintain lifecycle management and operations practices for the domain to achieve target KPIs.
Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
Drive security efficiencies, enabling cybersecurity team members to work on more advanced tasks.
Perform engineering performance testing to stress the limitations of cybersecurity solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.
Balance EA priority and domain operations considerations to fulfill level 3 engineering responsibilities, including creating low-level diagrams, in the event of over-utilization or absence of engineering roles for a given duration.
Provide expert guidance during major incidents and help resolve implementation issues encountered with new and existing technologies.
Coach and mentor engineering and operations staff on technology, standards development, and best practices for domain operations maturity.
Help CISO to conduct operations and financial analysis, domain maturity assessments and next steps to achieve target state in Q3 of each annual budget cycle.
Collaborate with architects within EA practice to provide cross-domain rationalized input to CISOs 3-year investment portfolio and budgeting in Q4 of each annual budget cycle.
Effectively contribute to improvement efforts within EA to mature the practice, develop architecture expertise and promulgate EA thinking and use across IT.
Other responsibilities as assigned.
Bachelors degree in computer science or combination of equivalent education and experience
5-6 years of cybersecurity domain experience
4-5 years of industry experience
4-5 years of cybersecurity architecture experience
Demonstrated experience working in rapid-paced work environment and agile delivery.
Demonstrated ability to synthesize research on broad industry trends, present different and leading discussion on pro/con around approach and choices of design, technology and operations.
Demonstrated ability to simplify complex technical subject matter and communicate the business and operations impact of choices to business and IT leaders.
Possess a DevOps focus across technology and cybersecurity architecture, automation, integration and distribution.
Certified Information Systems Security Professional (CISSP)
Any one of common architecture frameworks (TOGAF, Zachmann, DODAF, FEAF)
Advanced degree in computer science or related field.
Together with the University of Minnesota and University of Minnesota Physicians we have created M Health Fairview. M Health Fairview is the newly expanded collaboration among the University of Minnesota, University of Minnesota Physicians, and Fairview Health Services. The healthcare system combines the best of academic and community medicine — expanding access to world-class, breakthrough care through our 10 hospitals and 60 clinics.Fairview Health Services (fairview.org) is an award-winning, nonprofit health system providing exceptional care across the full spectrum of health care services. Fairview is one of the most comprehensive and geographically accessible systems in the state, with 10 hospitals—including an academic medical center and long-term care hospital—serving the greater Twin Cities metro area.Its broad continuum also includes 60 primary care clinics, specialty clinics, senior living communities, retail and specialty pharmacies, pharmacy benefit management services, rehabilitation centers, counseling and home health care services, medical transportation, an integrated provider network and health insurer PreferredOne. In partnership with the University of Minnesota, ...Fairview’s 32,000 employees and 2,400 affiliated providers embrace innovation to drive a healthier future through healing, discovery and education.