Arcadia is dedicated to happier, healthier days for all. We transform diverse data into a unified fabric for health. Our platform delivers actionable insights for our customers to advance care and research, drive strategic growth, and achieve financial success. For more information, visit arcadia.io.
Why This Role Is Important To Arcadia
The Security Architect reports to the Chief Information Security Officer and ensures that appropriate security requirements are implemented to protect Arcadias mission, products, and business processes. The Security Architect collaborates with the Development, Infrastructure, Internal IT, and Operations teams to oversee the AWS security architecture and engineering aspects of Arcadias Population Health Analytics portfolio and corporate computing environment.
What Success Looks Like
In 3 months:
- Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
- Evaluate security architectures and designs to determine the adequacy of security design and architecture proposed or provided in response to requirements contained in acquisition documents
In 6 months:
- Design security architecture elements to mitigate threats
- Devise strategies to secure information assets and cloud services
- Provide technical security supervision and guidance to the information security, infrastructure, and DevOps teams
- Participate in defining, implementing, and maintaining security policies and procedures
What You'll Be Doing
- Understand Arcadias business strategy and product offerings and how it relates to our security architecture strategy and deliver architectural guidelines, best practices, and direction on security within architectural standards, policies, and roadmaps
- Drive beneficial security architectural changes through the development or review of architectures to ensure that they fit requirements for security, privacy, compliance, cyber risk mitigation, and conformance to relevant security standards while balancing information risk against the cost of appropriate countermeasures
- Integrate with change management processes to ensure a security review or assessment is conducted for all significant changes to Arcadias production, cloud architecture, and development environments.
- Leverage knowledge of architectural best practices to develop a long-term strategy that considers business needs and budgetary constraints
- Collaborate with development teams to ensure effective implementation of security within the SDLC and ensure that relevant tasks are completed and required artifacts are created and maintained
- Perform Security Impact Analysis is completed for all web/code changes as part of the Change Management process before deployment
- Proactively engages key stakeholders regarding architectural security decisions, plans, goals, and strategies that impact business operations and initiatives
- Document and maintain security designs, processes, procedures, and other artifacts
- Assist in developing configuration baselines and supporting the deployment and adherence of secure configuration management processes
- Continually evaluate and understand the implications to Arcadia and its customers concerning the evolving cybersecurity risk landscape and industry practices to remain current with threats and associated countermeasures
What You'll Bring
- Demonstrated experience in architecture, design, and management of security for highly available, resilient systems (physical, virtual, cloud).
- Experience with container technologies such as Kubernetes and Docker.
- Experience with deployment orchestration, automation, and security configuration management (Jenkins, GitHub Actions, Terraform, CloudFormation).
- In-depth knowledge of AWS services, including experience in designing, implementing, and maintaining secure AWS infrastructure (e.g., IAM, SCPs, Secrets Manager, KMS, WAF and Shield, GuardDuty, CloudFront, CloudTrail, Inspector, etc.).
- Three years of experience with cloud security and native technologies (Azure, AWS).
- Working knowledge of enterprise-level Active Directory and AWS security solutions.
- Working knowledge of current cyber threats and countermeasures.
- Experience with the development of flow diagrams, assignment of subsystems and trust boundaries, boundary protection definition, and threat modeling.
- Experience with NIST800 standards, including 30, 53, 82, and 171
- Experience with ISO 27000 series standards
- Experience with HITRUST and CIS Critical Security Controls
- Ability to earn trust, maintain positive and professional relationships, and contribute to a culture of inclusion.
- Solid understanding of security protocols, cryptography, authentication, and authorization.
- Solid understanding of OpenID Connect (OIDC) and OAuth 2.0.
- Knowledge of the application firewall concepts and functions (e.g., Single point of authentication/audit/policy enforcement, message scanning for malicious content, data anonymization for PCI and PII compliance, data loss protection scanning, accelerated cryptographic operations, SSL security, REST/JSON processing).
- Ability to deal with ambiguity.
- Strong conflict management skills.
- Computer Skills: Microsoft: Excel, Word, PowerPoint, and Visio.
Would Love For You To Have
- Strong influencing skills across all levels, internal and external to the enterprise.
- Excellent written and verbal communication skills, business acumen, and a commercial outlook.
- Demonstrated history of producing effective, innovative architectural solutions on an enterprise scale.
- AWS Solutions Architect - Professional, AWS Certified Security Specialty, Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP), or an industry-standard cloud certification.
- At least three years of experience as a Cloud Security or Cloud Platform Architecture.
- Knowledge of remote access technology concepts.
- Knowledge of communication methods, principles, and concepts that support the network infrastructure.
- Knowledge of business continuity and disaster recovery continuity of operations plans.
What You'll Get
- You will work with a team of experts that build and maintain a highly validated security and privacy program for the leader in Population Health and Healthcare data analytics
- Be a part of a team and organization that had built security and privacy into the fabric and culture of the organization.
- You will learn how to secure highly regulated sensitive data in a cloud environment and how to build and maintain a fully validated and industry-leading security program.
- Your responsibilities will grow with you as a critical member of our team.
- The opportunity to work for an amazing, fast-growing software company leveraging a highly scalable cloud platform.
- Become an expert in all elements of securing clinical and claims healthcare data in the cloud.
- Awesome work environment.
- Competitive compensation/benefits package.
- Great benefits like flextime time off.
- Stocked kitchen with snacks and beverages and more.
Arcadia.io helps innovative healthcare systems and health plans around the country transform healthcare to reduce cost while improving patient health. We do this by aggregating massive amounts of clinical and claims data, applying algorithms to identify opportunities to provide better patient care, and making those opportunities actionable by physicians at the point of care in near-real time. We are passionate about helping our customers drive meaningful outcomes. We are growing fast and have emerged as the market leader in the highly competitive population health management software and value-based care services markets, and we have been recognized by industry analysts KLAS, IDC, Forrester and Chilmark for our leadership. For a better sense of our brand and products, please explore our website, our online resources, and our interactive Data Gallery.
This position is responsible for following all Security policies and procedures in order to protect all PHI under Arcadia's custodianship as well as Arcadia Intellectual Properties. For any security-specific roles, the responsibilities would be further defined by the hiring manager.