HeartFlow is a Software as a Service (SaaS) medical device company. We use cutting-edge
technology (deep learning, computational fluid dynamics, cloud-based computing) combined with
advanced clinical expertise to revolutionize the treatment of coronary artery disease. We have an
exciting and challenging opportunity for a talented, highly technical, exceptional Senior Information
Security Architect with significant hands-on security operations, security infrastructure design and
administration experience to help continue to shape the foundation and mature our cyber-defense,
detection, and response capabilities.
You will serve as the overall lead and administrator. As an administrator, you will be responsible for
direct hands-on administration of our existing tools and cyber-security infrastructure. As a lead, you
will help build a small technical team of engineers and drive the delivery of the security functions in
your area (security engineering, threat response, vulnerability management and blue and red team
operations). In this role, you will bring together the best practices in security according to
established standards and frameworks, and ensure alignment with all regulatory and security standard
methodologies (NIST, CIS20).
The ideal candidate will have proven experience in implementing,
administering or operationalizing security solutions for a highly remote workforce environment.
This person will also be an integral part of the Security Leadership team and will be involved in
helping to lead and mature the security program.
Technical Skills
- Strong project management and hands-on solution implementation experience
- In-depth knowledge of security concepts in the various security domains which include authentication, access control, security monitoring, security testing, intrusion detection/prevention, attacks and countermeasures, cryptography, endpoint security, network security and infrastructure, assessments and audits, organizational security
- Ability to positively collaborate with IT and the other business unit teams to specify, architect and implement multiple types of security controls.
- Ensure that the potential impact of engineering changes is well understood, using data to support understanding of upstream and downstream dependencies.
- Familiarity with AWS security best practices (e.g. Terraform, Ansible, CloudFormation or similar)
- Experience deploying, maintaining, and administering security technologies (e.g. endpoint protection, IDS, DLP, FIM, WAFs/firewalls, SIEM, reverse proxies, etc.)
- Direct experience with maintaining and utilizing common commercial and open-source vulnerability scanning and security auditing tools (Nessus, Nexpose, OpenVAS, etc.) in both cloud (virtual machines, AWS, Azure, etc.) and conventional (endpoints, servers, etc.) environments
- Extensive Windows, Mac OS/iOS, Linux and Unix experience including deep knowledge of file system layout, log file analysis, timeline creation, and common configuration deficiencies
- Desktop, server, application, database, and network security hardening principles and practices for threat prevention
- Experience with one or more scripting languages (Perl, Python, or other) in an incident response environment
- Proven ability to evaluate/apply new and emerging security technologies and solutions
- Ability to analyze and prioritize vulnerabilities to appropriately characterize threats, along with experience working as part of a patch management process and familiarity with patching tools (e.g. SCCM, JAMF, KACE, etc.)
- Strong familiarity with classes of vulnerabilities, appropriate remediation, and industry-standard classification schemes (CVE, CVSS, CPE).
Soft Skills
- Effective communication and presentation skills with demonstrated ability to prepare documentation and presentations for technical and non-technical audiences.
- Excellent written and verbal communication skills, interpersonal and collaborative skills
- Must be a critical thinker, with strong problem-solving skills
- Ability to prioritize work from multiple sources, including ad-hoc and large-scale project work
- High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity
- Self-starter, positive attitude, ability to work independently, enjoys learning and staying current with industry developments, regulations, and best practices.
- Experience working with all levels of management, across diverse teams to achieve successful outcomes