Senior Security Architect
Boston, MA

Job Description

Senior Security Architect

Our Security Architect will set the overall security strategy for the NantHealth product lines. This position will focus on driving the next evolution of our product security program. This individual will work with product management, software architects, software engineers and other information security teams to ensure that our product security continues to be effective in response to the ever-changing threatscape that NantHealth faces.

The qualified candidate will have deep knowledge of secure software design practices and principles, capable of establishing security requirements for both software-as-a-service (SaaS) products and internal software solutions. The candidate will also be familiar with secure software design frameworks and designing products in the Healthcare marketplace.

The Basics

* Work alongside Product Management and the software architects to maintain, execute, and prioritize product security features
* Evolve and execute product security strategy
* Efficiently and effectively evaluate and communicate product security posture to the NantHealth Product team, with recommendations and prioritization as required
* Validate and improve our product Secure Development Lifecycle and global regulatory compliance
* Define and manage secure coding practices, including code analysis and audit
* Track to resolution open product security and vulnerability items
* Ensure product continuity in the face of an attack
* Recruit and manage the NantHealth Security Response team and administer its processes
* Work alongside NantHealth Risk Management and Security Operations teams to investigate and mitigate potential bypass and exploit techniques

What You Bring

* Strong knowledge of product security requirements built for services operating in the healthcare market.
* Deep knowledge of designing products with an understanding of HIPPA HITECH, HITRUST, EHNAC, SHARED ASSESSMENTS or other Assessment or Certification requirements.
* A good understanding of OWASP S-SDLC methodology or equivalent
* Strong knowledge in the OWASP TOP 10 Project and CIS critical controls.
* Experience testing web systems required.
* BS or MS in Computer Science or Degree in a similar field desired.
* Strong analytical, problem-solving, and organizational skills required.
* Must be proactive, self-motivated, attentive to detail, and able to work well under pressure.
* Strong communication skills required.
* Willingness to work as part of a team required
* Certifications CISSP , CISM, or related is a plus
* Experience with public and hybrid cloud implementations and security implications.

What We Bring

* We offer competitive compensation, full benefits and some great perks. More importantly, we offer you the chance to work with a great team, focused on providing leading software-based solutions and services across a continuum of care.
* Excellent benefits package including medical(HMO/PPO), dental, and vision, and a 401k with company matching so you can continue planning for financial wellness.
* Flexible/Unlimited Style Paid Time Off with 11 Paid Holidays
* Employee discounts on things like, mobile products and services, gym memberships, and a variety of additional entertainment options.

NantHealth, Inc. is a member of the NantWorks ecosystem of companies, is a next-generation, personalized healthcare company that enables more effective treatment decisions for critical illnesses and improved patient outcomes by empowering clinical decision support and providing leading software-based solutions and services across the continuum of care for physicians, payers, patients and biopharmaceutical organizations.

NantHealth is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to their race, color, religion, ancestry, national origin, sex, sexual orientation, age, disability, marital status, domestic partner status, or medical condition.This job description is intended to describe the general nature and level of work being performed by the person assigned to this position. The primary duties and responsibilities are intended to describe those functions that are essential to the performance of this job and does not state or imply that the above are the only duties and responsibilities assigned to this position.