HRTMS Job Description Management
| Information Security Architect J o b D e s c r i p t i o n | | |
Joy Care Competence Respect |
Job Code | Job Title | FLSA Status |
3896 | Information Security Architect | Exempt |
|
Position Summary | The Information Security Architect designs and maintains security architecture for healthcare information systems, medical devices, and sensitive patient data. Collaborating with IT, clinical engineering, compliance, privacy, and business teams, the role aligns security controls with organizational goals, regulations, and best practices while ensuring operational efficiency. Key expertise includes cybersecurity strategy, risk management, secure system design, cloud security, medical device security, and regulatory compliance. | | | |
Education | Bachelor's degree Cybersecurity, Computer Science, Information Technology, Healthcare Informatics, or related field is required. |
Experience | 4 years of progressive experience in cybersecurity, information security, or IT architecture is required. | 4 years of experience in security architecture or enterprise architecture roles is required. | Experience within healthcare organizations, healthcare technology vendors, or regulated industries is required. |
Certificates, Licenses and Registrations | One or more of the following certifications is preferred: Certified Information Systems Security Professional (CISSP); Certified Information Security Manager (CISM); Certified Cloud Security Professional (CCSP); HealthCare Information Security and Privacy Practitioner (HCISPP); Certified in Risk and Information Systems Control (CRISC); Cloud security certifications (AWS, Azure, or Google Cloud). |
Knowledge, Skills and Abilities | Demonstrates the ability to balance clinical operational needs with necessary security constraints. | Ability to identify vulnerabilities, conduct risk analyses, and design mitigating security controls. | Ability to translate complex cybersecurity metrics into actionable business terms for executive leaders and clinical staff. | Ability to lead and influence engineering, application development, legal, compliance, and clinical operation teams. | Expert-level knowledge of HIPAA, HITECH, Omnibus Rule, and Joint Commission data safety requirements. | Understanding of hospital workflows, clinical applications, and medical device operating constraints. |
Responsibilities | Develop and implement advanced security architectures and strategies to safeguard healthcare information systems, medical devices, and sensitive patient data, ensuring the highest standards of confidentiality, integrity, and availability. | Coordinate with IT, clinical engineering, compliance, privacy, and business teams to align security frameworks and solutions with organizational objectives, legal regulations, and industry best practices. | Evaluate emerging cybersecurity risks, trends, and technologies, and recommend proactive, actionable countermeasures to protect against potential threats. | Oversee comprehensive risk assessments, vulnerability analyses, and incident response plans to ensure compliance with HIPAA, HITECH, Joint Commission standards, and other regulatory requirements. | Create tailored security controls for medical devices and healthcare workflows, while balancing operational efficiency and clinical requirements. | Translate complex cybersecurity and risk management needs into practical strategies and plans for executives, clinical teams, and other stakeholders. | Provide strategic guidance on cloud security, secure system design, and implementation to enhance the organization’s healthcare technology infrastructure. |
Possess the information, skill, and understanding of the work to be performed. Actively participates in continuing education opportunities and maintains certifications, licensure as appropriate. | Abides by all safety requirements including demonstrating proper hand hygiene and wearing of Personal Protective Equipment (PPE), if applicable. | Complies with all standards, policies and procedures including dress code, attendance and punctuality. Attends required in-services and meetings and completes all mandatory competencies by deadline. Commits to keeping all patient, student or colleague information confidential and maintains ongoing communication and collaboration with team members. |
The purpose of this job description is to provide a summary of the major responsibilities performed by colleagues in this position. Colleagues may be requested to perform tasks other than those specifically presented in this job description. Variances in job duties performed may exist between facilities, and colleagues may perform other related duties as assigned to meet the needs of the organization. | | | | | | PHYSICAL, MENTAL AND ENVIRONMENTAL REQUIREMENTS | Physical, Mental and Environmental Requirements Category: | Administrative | | | | | |
Physical and Mental Requirements | The physical requirements described here are representative of those that must be met by a colleague to successfully perform the essential functions of this job. | Physical Demand | N/A | Rarely | Occasionally | Frequently | Constantly | Weight | Standing | | | X | | | | Walking | | | X | | | | Sitting | | | | X | | | Lifting | | X | | | | 20 lbs. | Carrying | | X | | | | 20 lbs. | Pushing | | X | | | | 20 lbs. | Pulling | | X | | | | 20 lbs. | Climbing | | X | | | | | Balancing | | X | | | | | Stooping | | X | | | | | Kneeling | | X | | | | | Crouching | | X | | | | | Crawling | | X | | | | | Reaching | | | X | | | | Use of Hands/Dexterity | | | | X | | | Talking | | | | | X | | Hearing | | | | | X | | Eye/Hand/Foot Coordination | | | | | X | | | | | | | | | | | | | | |
Environmental Requirements | While performing the duties of this job, the colleague is required to work within the selected working environments. | Working Condition | Yes | No | Comments | Extreme Cold | | X | | Extreme Heat | | X | | Humid | | X | | Wet | | X | | Noise | X | | | Hazards | X | | | Temperature Change | | X | | Atmospheric Conditions | | X | | Vibration | | X | | Other | | | | | | | | | | |
|