Community Health Systems is one of the nation’s leading healthcare providers. Developing and operating healthcare delivery systems in 47 distinct markets across 16 states, CHS is committed to helping people get well and live healthier. CHS operates 79 acute-care hospitals and more than 1,000 other sites of care, including physician practices, urgent care centers, freestanding emergency departments, occupational medicine clinics, imaging centers, cancer centers and ambulatory surgery centers.

Summary:

As a member of the Cyber Architecture team, the Network Security Architect will be responsible for leading a wide range of security architecture activities aimed at maturing the Network Security capabilities of the organization with respect to protecting the CHS network; Externally, at the Edge, Internally or Core, and Remote Access. The Architect will serve as a Network Security expert accountable for the development of security reference architectures in specific capability areas (e.g., Remote Access, Wireless, Network Access Control, Zero Trust Networking, Micro-segmentation, Intrusion Detection and/or Protection, etc.) in alignment with the National Institute of Standards and Technology (NIST) – Cyber Security Framework.

The Architect will guide technology platform decisions to reflect approved defined Network Security and Protection capabilities and architectures, business impact and exposures, emerging threats, vulnerabilities, regulatory requirements, and risks for both “on premise” and “cloud” platforms. The Network Security Architect will work with Enterprise Architects, other security functional area architects (i.e., IAM, Data Protection, Cloud), project teams, and security specialists to ensure adequate Networking Security solutions are in place throughout the enterprise including CHS-owned facilities and data centers, 3rd party cloud IT systems and platforms, and will communicate the risks and solutions to business and IT partners.

Essential Duties and Responsibilities:

• Define and document a Strategy and accompanying Security Reference Architecture (s) for securing the enterprise Network through various Networking Security capabilities (e.g., Zero Trust) at the enterprise level utilizing the NIST – CSF and NIST SP-800.53 publications as guiding principles.
• Create Network Security Architecture “Implementation Patterns” which offer the best solution for risk mitigation, performance, economics, and customer experience including Remote Access, Zero Trust Networking, Edge Computing, Cloud Computing, and etc. that can be utilized by project teams when needed.
• Aids in the development and maintenance of Network security standards based on National Institute of Standards and Technology (NIST) recommendations, specifically NIST 800-53
• Lead multiple projects on the implementation of new Network Security tooling focused on protecting the enterprise CHS Network from External as well as Internal Threats. Tools could include Firewalls, VPN Devices, Network Access Control (NAC) systems, Intrusion Detection/Protection (IDS/IPS) systems, Network Policy Servers, Cloud Delivery Networks (CDN), and etc.
• Responsible for thoroughly documenting all Network Security tooling from an Architecture perspective including the creation of Solution Architecture documents, Architecture Decision documents, Operations Manual documents, and other work-products.
• Partner with Back Office – Network Protection team to develop, implement, and (where needed) enhance enterprise network protection platforms and their architectures.
• Partner with Back Office – Network Protection team to develop and maintain specific Network Security and Protection capability and technology roadmaps for External Networking, Edge Computing, Internal Network, Remote Access, and Cloud.
• Collaborate with Cloud Security Architect and Cloud Security Back Office team in implementations of Network Security and Protection Reference Architecture onto Cloud Platforms utilizing Cloud Platform best-practices for Networking including Microsoft Azure AD, Oracle Cloud Identity Service, etc.

• Business and Soft Skill expectations:

  • Communicate and interact effectively and professionally with co-workers, management, customers, etc.
  • Maintain complete confidentiality of company business.
  • Communicate with management regarding development within areas of assigned responsibilities and perform special projects as required or requested.

Education:

• High School diploma required.
• Bachelor’s or Master’s Degree in Cyber Security, Computer Science, Information Systems (or other related field), or equivalent work experience preferred.

Experience:

Duration:

• 10+ years of IT or information security, and
• 5+ years of Network Security

Activities:

• Designed and implemented Network Protection technologies within “on-premise” and/or 3rd Party cloud platforms.
• Served as architecture or expert thought leader for Network Protection technology and influenced the strategy to address internal or external business and regulatory issues with respect to protection of sensitive data.
• Worked in process-driven structured environments, and participated in process optimization activities.

Competencies:

• Advanced knowledge of security principles, issues, and Network Protection techniques and/or implementations across “on-premise” and/or 3rd Party cloud platforms.
• Proactive identification and solving of complex problems
• Strong understanding of systems development lifecycle to provide technical leadership for multifunctional projects or initiatives.
• Effective communication of technical concepts to a non-technical audience.
• Excellent written and verbal communication skills
• 5+ years of Network Security experience preferred.

License/Registration/Certification:

• CISSP, CCSP, GCSA preferred.

Computer Skills Required:

• Productivity suite software

Physical Demands:

In order to successfully perform this job, with or without a reasonable accommodation, the following are outlined below:

• The Employee is required to read, review, prepare and analyze written data and figures, using a PC or similar, and should possess visual acuity.
• The Employee may be required to occasionally climb, push, stand, walk, reach, grasp, kneel, stoop, and/or perform repetitive motions.
• The Employee is not substantially exposed to adverse environmental conditions and; therefore, job functions are typically performed under conditions such as those found within general office or administrative work.