Inova Health System - Sterling, VA

The Security Architect will employ security tools to help identify vulnerabilities to INOVA's infrastructure and remediate via working with a team of IT Security experts. Expertise in security infrastructure (including but not limited to ips, ids, monitoring, dlp, nac, proxy, and firewall) is required. Demonstrated knowledge and experience implementing, monitoring, and upgrading security technology and administrative controls necessary to safeguard computer information data and systems. Responsible for ensuring Information technology meets financial and Meaningful Use audit mandates as well as Governance, Risk and Compliance (GRC) mandates. Responsible for design and architecture of security infrastructure required for access provisioning, internal and external application access, mobile, hosted and internal data center environments.


5+ years experience in architecture or security management User, platform and device authentication, and various levels of access controls and authorization, Enterprise Directories and their integration with other systems in a large, complex environment. Enterprise class security products such as Identity Management, Web Access Management and Single Sign On. Network security, such as web proxy, reverse proxy, load balancing, IDS/IPS, Firewall, SSL VPN, WAN/LAN, DDOS prevention, wireless and remote connectivity. Infrastructure security, including windows, unix/linux, desktop/laptop, and mobile security, as well as knowledge on cryptography and PKI. Compliance frameworks and requirements such as PCI, HIPAA, HITECH, SOX etc. Knowledge on threat landscape, security threat and vulnerability management, and security monitoring and analytics

Bachelor's Degree or an additional 8 years of relevant IT related experience in lieu of degree.

Must have active security certifications.

One of more security certifications required - CISSP, CISM, HCISSP, Security+, and EPIC.

Ability to work in a diverse, transformational, fast paced environment. Ability to make independent appropriate decisions regarding risk, security gaps, remediation plans and incidents. Strong analysis and critical thinking skills. Ability to work across the enterprise and with a wide variety of technologies.