• Information Security Architect II

    Novant Health (NC)


    What We Offer

     

    As part of our Information Techonology team, you’ll play a critical role in safeguarding our information systems throughout their lifecycle. This includes identifying systems within your scope, understanding sensitive data flows, enforcing security principles, and supporting incident response activities.

     

    Under general supervision, the Information Security Architect II develops and implements enterprise security architecture and technology solutions to meet evolving business, compliance, and regulatory needs. You will contribute to our technical security strategy, analyze emerging threats, and ensure security is embedded in enterprise technology initiatives.

     

    Schedule: 8:00AM – 5:00PM Monday – Friday (On call support required, as needed).

     

    What You’ll Do

     

    + Design and implement secure systems and network architectures aligned with corporate security policies and standards (NIST, CIS, ISO 27001, HIPAA, PCI).

    + Collaborate across IT teams to integrate security into future-state technology decisions.

    + Conduct research on security trends, threats, and solutions; present findings through reports and presentations.

    + Serve as a subject matter expert for secure system design, configuration reviews, and vendor risk management.

    + Support incident response activities and ensure compliance for PHI, PII, and payment card data.

     

    What We’re Looking For

     

    + Strong technical background in information security architecture and design principles.

    + Knowledge of security frameworks, compliance standards, and emerging technologies.

    + Ability to work independently on most phases of security planning, implementation, and monitoring.

    + Excellent communication skills to advocate for security best practices internally and externally.

     

    What We're Looking For

     

    + Education: 4 Year / Bachelors Degree, preferred.

    + Experience: Minimum three years proven information security experience. Minimum three years information system administration, implementation, or design experience. Minimum three years customer service experience, required.

    + Ability to work with modern automation tools, including AI/RPA or ML, strongly preferred.

    + Ability to design and deploy zero trust architechture, including solutions like Zscaler ZIA/ZPA, strong preferred.

    + Licensure/Certification: Security+ or equivalent, required. CASP, SSCP, C|EH, SANS GIAC, CISM, CRISC, CISSP, preferred.

    + Additional Skills:

    + Able to develop productive working relationships with business and technical groups. Working knowledge of information management systems, data structures, data analysis, and report generation. Functional Knowledge of HIPAA, ISO 27001/27002 framework, NIST Standards, PCI-DSS, and COBIT.

    + Demonstrated ability to effectively prioritize multiple responsibilities.

    + Takes responsibility and demonstrates ownership of delegated projects, tasks, and issues.

    + Strong understanding of the different layers in the OSI model as well as how they interact.

    + Strong knowledge of security concepts and best practices for technologies including (but not limited to): Microsoft Windows, MS Active Directory, Linux/Unix, Firewalls, MS SQL, routing, logging and monitoring, authentication systems, wireless, IDS/IPS, proxy technologies, remote access solutions (VPN, SSL, IPSEC) with two factor authentication, Citrix, network access control, network security monitoring, traffic analysis, data loss prevention, etc.

    + Ability to analyze and communicate strengths and weaknesses of network technology security solutions, as they relate to performance and cost.

    + Strong technical knowledge of security in more than one of the following areas: applications, server systems, databases, networks, middleware, mobile devices/mobile apps, encryption, web, identity and access management, etc.

    + Technical knowledge of emerging security solutions.Familiarity with the concept of Defense in-depth a must. Intermediate to advanced knowledge of MS Office products and SharePoint.

    + Ability to take direction as well as work with a high degree of independence.

    + Teamwork oriented. Occasional after hours and weekend work required.

    + Ability to drive/travel to multiple locations/facilities as needed.

    + Additional Skills (preferred):

    + CASP, SSCP, C|EH, SANS GIAC, or equivalent.

    + One or more additional professional security or technology specific certifications (CISM, CRISC, CISSP, CCSP, CCNP, OSCP, MCITP:EA/SA, MCSE, MCSA, Network+). ITIL Foundation.

    + Experience assessing HIPAA Security Rule controls a plus. Experience evaluating network penetration test results and application security assessments, and vulnerability reports a plus.

    + Ability to negotiate resolutions for conflicting security and business objectives.

    + Previous network and systems architecture experience.

    + Why Choose Novant Health?

     

    At Novant Health, we believe remarkable care starts with compassion for our patients, our communities, and each other. We value belonging, courage, personal growth, and teamwork, creating a space where everyone is respected, supported, and safe to show up as their full selves.

     

    Job Opening ID

     

    118579