Responsibilities: The Security and Compliance Enterprise Architect - Intermediate works for the Technology Security and Compliance organization of KP-IT. The Security and Compliance Enterprise Architect - Intermediate must follow KP-ITs project management and governance processes; work collaboratively with the KP-IT Enterprise Engineering, KP-IT Enterprise Operations, KP-IT EE&EO Engagement Services, KP-IT Enterprise Engineering, and KP-IT Shared Application Services, KP-IT Technology Security and Compliance, KP Chief Information Security Office, KP National Compliance, and KP Regional Information Offices; and be a strong team player to the Technology Security and Compliance Organization. Responsibilities of the Security and Compliance Enterprise Architect - Intermediate include: Leads Architects/designs Information Protection solutions for multiple system platforms in diverse environments. Selects products based upon own evaluation and requirements provided by other knowledgeable resources. Gathers, Analyzes and Identifies Identifies and documents technical standards for Information Protection products. Identifies compensating controls to mitigate risks in the healthcare enterprise. Creates and Distributes for Review Prepares and delivers briefings on Information Protection technology and its value to the healthcare enterprise. Develops, documents and review Information Protection policies, standards, procedures and guidelines. Provide Recommendations Provides complex integrated systems planning and recommends alternative technologies that will enhance current or anticipated information systems that support overall corporate and business goals and that meet security and compliance standards and policies. Day-to-day tasks of the Security and Compliance Enterprise Architect - Intermediate include: Provides Enterprise Architecture Leadership Provide complex logical/physical input to Operations areas to enable integration of new systems into current infrastructure. Reviews proposed system changes to assess the need for additional control mechanisms or changes to existing mechanisms. Requirements: Minimum Requirements Minimum of 7 - 10+ years of related experience, including 3+ years of demonstrated ability in the information security and/or systems engineering technology area. Proficient in the information security and compliance technology domain with knowledge of current security and compliance vendor solutions. Must Requirements Requires BS and Masters degree in a technical discipline, or BS plus 4 years of technical experience in systems engineering. Keeps abreast of leading and emerging software products and technologies as well as industry standards to could support KP/healthcare business. Expertise In-depth knowledge of security and compliance technology areas that could impact area of privacy of patient and member information. Proficiency Excellent verbal and written communication skills, including the ability to translate complex technical concepts into understandable terms and is able to tailor communication to audience, mediate and facilitate communications between others, and communicate architecture to all levels of management and customers. Demonstrated ability in selection and deployment of new and emerging technology. Competence Ability to synthesize and abstract complex data/information, and lead complex decision processes to produce strategic solutions that enhance KPs competitiveness. Solutions are timely, cost effective and of high quality. Ability to lead technical teams across functional areas or KP in projects or initiatives or leads technology direction at the highest solution architectural level. Ability to transfer knowledge, educate in area of expertise, mentoring other staff. Prior Experience Successful experience participating on large-scale enterprise solution team that required multiple vendors and systems integration approach to meet all requirements The Edge Cybersecurity Program is launching a Governance & Standards domain and is looking for experienced analysts and consultants that can help to build the foundational elements of a strong program, such as: selection of a controls framework, development of device control profiles, development of a risk assessment model for healthcare technologies, engagement with healthcare technology vendors, development of hardening guides for medical devices, development of policies, alignment with other cybersecurity programs across the organization, and more. The ideal candidate will have experience with risk management in healthcare and an understanding of the healthcare technology lifecycle.