Sr. Director, Enterprise Security Architect, Dallas, TX

OVERVIEW:

The Senior Director, Enterprise Security Architect reports to Senior Leadership and is responsible for leading enterprise-wide cybersecurity governance and designing security solutions that protect the business while enabling the business to execute and innovate. The role works closely with many diverse and dynamic teams, including, but not limited to, cloud-enablement, architecture and engineering, IT infrastructure & operations, application development, and security operations to provide guidance for, develop, and architect enterprise security solutions at Tenet.

The Senior Director, Enterprise Security Architect provides expert guidance for addressing current security issues, while possessing the foresight to see where the industry is heading and proactively delivering optimal secure solutions. The security architect is expected to think like an adversary and identify how solutions should evolve as the threat landscape changes. The role demonstrates expertise in multiple industry-leading security technologies (e.g. Okta, Palo Alto), intimately familiarity with cloud architecture, and experience at an engineering level working with large vendors (e.g. Microsoft, IBM, Oracle, KPMG)

A senior-level role, the Senior Director, Enterprise Security Architect leverages effective communication and organizational skills to facilitate enterprise-wide cybersecurity governance at the same time as providing technical leadership and delivering effective solution designs within cross-functional teams.

REPORTING STRUCTURE & WORK SETTING:

This position is in our home office in Farmers Branch, Texas, reporting to the Chief Information Security Officer.

OTHER REPRESENTATIVE DUTIES:

• Responsible to constantly update, socialize, and maintain governance for Tenet�s enterprise security framework, strategy, and technology roadmap, defining tactical, operational, and strategic plans for security across Tenet.
• Maintain Tenet�s security architecture, demonstrating solutions delivery, principles, and emerging technologies
• Designing and implementing security solutions. This includes continuous monitoring and making improvements to those solutions, working with the cybersecurity and architecture teams.
• Consulting and engineering in the development and design of security best practices and implementation of solid security principles across the organization, to meet business goals along with customer and regulatory requirements.
• Understand and implement security architectures for cloud computing considerations.
• Work closely with IS teams to ensure security solution consistency with the enterprise architecture and strategy. This includes the review of detailed specifications for security systems and the associated design, scalability, completeness, quality, and performance.
• Proactively review and analyze new or proposed security systems, tools, and methodologies, assessing their risk and their value in support of security strategy and corporate goals.
• Engineer and/or architect cyber defensive capability using knowledge of cyber defensive architecture and technologies required to protect, detect, and respond to cyber threats and attack. Technologies include SIEM, vulnerability assessment, discovery, infrastructure (firewall, IPS/IDS, proxy, network capture), host based security, penetration testing/external assessment tools, forensics, etc., and Identity and Access Management systems (privileged access mgmt., IAM systems).
• Provide technical expertise and guide the administration of security tools that control and monitor information security,
• Recommend and design security controls to support the data security needs of systems being developed or acquired.
• Consult with business units on options/ideas on improving cost/approach to security.
• Define and implement an overall information security architecture to address internal/external threats as well as all platforms (application, network, mobile).
• Recommend improvements, remediation or requirements for associated projects, existing technologies and vendor supported solutions in support of IS� strategic imperatives.
• Create and maintain relevant documentation as required.
• Develop strong partnerships with our customers, software vendors and other technical and industry resources.
• Research and 2-5-year planning to ensure the organization is continually aware of industry security trends, and best practices to propose new technology and tools investments.

EDUCATION AND WORK EXPERIENCE:

• Bachelor�s degree in computer science or other technical/scientific discipline.
• 7+ years related work including 5+ years as a Security Architect.
• 2+ years in a dedicated information security role at a senior level.
• Experience above must also include five years administering systems or applications and technologies.

SPECIALIZED KNOWLEDGE, SKILLS & ABILITIES:

• Experience in cloud architecture and with major public clouds and vendors (e.g. Microsoft, Google, IBM, AWS)
• Experience with NIST, HIPAA, SOX and PCI requirements
• Knowledge of Identity and Access Management (Okta, Federation, SSO, SAML, Oauth, PKI) and best practices
• Understanding of directory services (Active Directory, LDAP, Azure AD)
• Solid understanding of cyber defensive architecture and industry-leading technologies including cloud security (CASB, Palo Alto Prisma, internet firewall), vulnerability assessment, endpoint security (Cylance, Cybereason, anti-malware, EDR), infrastructure (Checkpoint, Cisco, Palo Alto, Splunk, Mcafee, firewall, IPS/IDS, proxy, SIEM), penetration testing/external assessment tools, forensics, etc.
• Ability to identify project risks and gaps and develop creative and workable solutions to complex problems and policy issues
• Analytical and organizational skills and the ability to gather, assemble, correlate, and analyze facts, and propose solutions to problems
• Ability to lead and work cooperatively with multiple stakeholders & cross-functional teams at all levels of the organization and provide direction and oversight
• Ability to articulate technical security terms to non-technical audiences verbally and in writing
• Highly motivated and detail-oriented individual who strives for excellence and drives success
• Proficiency with business and communications software (preferably Word, Excel, PowerPoint, common Windows operating systems, and Outlook, O365) is required.

Specialized training, certifications, or other special requirements:

-Certified Information Systems Security Professional (CISSP)

Preferred special requirements:

-Information Systems Security Architecture Professional (CISSP-ISSAP)

Employment practices will not be influenced or affected by an applicant�s or employee�s race, color, religion, sex (including pregnancy), national origin, age, disability, genetic information, sexual orientation, gender identity or expression, veteran status or any other legally protected status. Tenet will make reasonable accommodations for qualified individuals with disabilities unless doing so would result in an undue hardship.