About Texas Children's Hospital
Since 1954, Texas Children’s has been leading the charge in patient care, education and research to accelerate health care for children and women around the world. When you love what you do, it truly shows in the smiles of our patient families, employees and our numerous accolades such as being consistently ranked as the best children’s hospital in Texas, and among the top in the nation by U.S.News & World Report as well as recognition from Houston Business Journal as one of this city’s Best Places to Work for ten consecutive years. Texas Children’s comprehensive health care network includes our primary hospital in the Texas Medical Center with expertise in over 40 pediatric subspecialties; the Jan and Dan Duncan Neurological Research Institute (NRI); the Feigin Center for pediatric research; Texas Children’s Pavilion for Women, a comprehensive obstetrics/gynecology facility focusing on high-risk births; Texas Children’s Hospital West Campus, a community hospital in suburban West Houston; and Texas Children’s Hospital The Woodlands, a second community hospital opening in 2017. We have also created the nation’s first HMO for children, established the largest pediatric primary care network in the country and a global health program that is channeling care to children and women all over the world. Texas Children’s Hospital is also academically affiliated with Baylor College of Medicine, one of the largest, most diverse and successful pediatric programs in the nation.
To join our community of 13,000 dedicated team members, visit texaschildrenspeople.org
for career opportunities. You can also learn more about our amazing culture at infinitepassion.org
We are searching for a Data Security Architect (Compliance) –someone who works well in a fast-paced setting. In this position, you’ll ensure the confidentiality, availability, and integrated of the integrated deliverey system and its information assets to protect them from unauthorized disclosure, modification, and destruction. You will develop and promote the strategic plan, policies, audit compliance, and lead remediation initiatives. You will also provide quarterly vulnerability reviews for IS management where you identify, track, and manage outstanding vulnerabilities. Finally, you will investigate confidential issues such as HR events, internal security, and “need to know” situations.
Think you’ve got what it takes?
- eGRC Deployment & Integration
- Vendor Risk Management
- Enterprise Risk Management
- Application Security Management
- Vulnerability Management
- Security Architecture Review
- Creates and ensures the maintenance of written security policies, procedures, guidelines, and standards.
- Outlines long-term technical security requirements assimilating governmental regulations, evolving technical threats, and IDS goals.
- Leads development of guidelines that assist project managers in development of disaster recovery procedures and contingency plans and risk assessments for all applications.
- Develops and promotes risk, vulnerability and cyber threat assessment methodology for IDS network computer systems.
- Develops and implements security policy compliance and assessment procedure including assessment methodology, communication expectations including routine metric reporting, stakeholder education, and mitigation strategies.
- Assures development of incident response plan and coordinate team for response to computer malware, system intrusions, advanced and insider threats, and policy violations.
- Coordinates activities and cooperate with TCH Audit and Compliance services.
- Mentors, trains, and provides direction for Data Security Analysts.
- Ability to perform risk analysis and threat assessment of computer network systems and applications used by the IDS.
- In depth knowledge of Unix / Linux, Windows servers and desktop operating systems is required.
- Working knowledge of network and computer security products ranging from end-point protection, next generation firewalls, web proxies, privileged access (identity) management to advanced threat and data loss prevention solutions is required.
- Knowledge of network protocols and customization of security information and event management (SIEM) platform is required.
- Required for completely satisfactory performance in this job are effective written and verbal communications skills, technical conceptual analytical skills, the ability to identify and react to problems, and initiative taking. The ability to successfully lead multiple project teams of two to seven people in size. Plan, develop and execute projects with management reporting and project tracking.*
- Develops, reviews, updates, and communicates IDS policies related to information security
- Develops security specification and certification methodology for all IDS systems to assure that systems are implemented according to security policy
- Develops a monitoring and compliance strategy to ensure security policies are followed
- Conducts periodic inspections of IDS computer systems to ensure compliance with security policies and procedures
- Develops and promotes risk assessment methodology for IDS network computer systems
- Develops and promotes incident response plan and coordinates team for response to computer viruses, system intrusions, and policy violations
- Outlines long-term technical security requirements assimilating governmental regulations, evolving technical threats, and IDS goals
- Defines, documents, publishes, and enforces architectural standards consistent with organizational objectives
- Researches evolving threats to confidentiality, integrity, and availability of information assets and leads initiatives to prevent unauthorized disclosure, modification, or destruction of IDS information assets
- Bachelor’s degree in computer science, information assurance, or a related field
- Four years of related experience may be substituted for Bachelor’s degree
- Seven years of experience in information security or networking
- Certified Information Systems Security Professional (CISSP) certification is preferred
- SysAdmin, Audit, Network, and Security (SANS) certification is preferred
- Knowledge of technical platforms and network/communication systems
- Analyze complex technical problems and communicate solutions to diverse audiences, including executive management, technicians, and end-users
- Demonstrate strategic analysis and planning
Additional optional education to experience
- * An additional 4 years of strong technical and analytical experience and a 4-year college degree can be substituted for the required type of Bachelor’s education.
Current Texas Children’s employees – Please click here to login.