SCP Health

Enterprise Security Architect


Pay: Competitive
Location: Lafayette/Louisiana
Employment type: Full-Time

This job is now closed

  • Job Description

      Req#: JR6469

      At SCP Health, what you do matters

      As part of the SCP Health team, you have an opportunity to make a difference. At our core, we work to bring hospitals and healers together in the pursuit of clinical effectiveness. With a portfolio of over 8 million patients, 7500 providers, 30 states, and 400 healthcare facilities, SCP Health is a leader in clinical practice management spanning the entire continuum of care, including emergency medicine, hospital medicine, wellness, telemedicine, intensive care, and ambulatory care.

      Why you will love working here:

      - Strong track record of providing excellent work/life balance.

      - Comprehensive benefits package and competitive compensation.

      - Commitment to fostering an inclusive culture of belonging and empowerment through our core values - collaboration, courage, agility, and respect.

      Responsibilities:

      Security Architecture & Design

      • Apply TOGAF and SABSA principles to define and maintain the organization’s security architecture roadmap, ensuring alignment with business objectives.
      • Establish enterprise-wide security requirements, best practices, and reference architectures for on-premises and hybrid multicloud (AWS, Azure) environments.
      • Design and implement security controls for DevSecOps, CI/CD pipelines, identity and access management, data protection, network security, and application security.
      • Evaluate and integrate new security technologies, standards, and best practices to enhance security.
      • Conduct architecture and security reviews to identify vulnerabilities and mitigation strategies.

      Incident Response & Threat Management

      • Lead organizational threat modeling and risk assessments to drive efficient and effective implementation of security solutions.
      • Collaborate with SOC team to support threat detection, investigation, and response using tools such as CrowdStrike and Rapid7.
      • Analyze findings from security tools to identify trends and determine root causes.
      • Develop remediation plans for identified security gaps, collaborating across the enterprise to ensure effective and timely remediation.
      • Collaborate with SOC teams to enhance security monitoring, automation, and threat intelligence.
      • Oversee incident response and forensic investigations, ensuring timely containment, root cause analysis, and corrective actions.
      • Develop a threat intelligence program to identify broader threats to the organization, integrating intelligence into prevention and detection strategies.

      Governance, Risk & Compliance

      • Ensure implementation of security controls complies with HIPAA, HITRUST, SOX, SOC 2 Type II, and other regulatory security requirements.
      • Develop, implement, and enforce security policies, standards, and procedures aligned with industry best practices (e.g., NIST CSF, ISO 27001, CIS Controls).
      • Perform risk assessments at the architectural level to identify and prioritize mitigation strategies, ensuring security requirements meet compliance standards.
      • Collaborate with audit teams to prepare for security audits, assessments, and certifications.

      Collaboration & Leadership

      • Collaborate with IT, DevOps, Data, and Application teams to embed security in development, testing, and deployment processes (DevSecOps). 
      • Provide security mentorship and training across IT and development teams.
      • Advocate for a security-first culture, ensuring that security is a foundational element of IT initiatives.
      • Engage with executive leadership, auditors, and stakeholders to align security initiatives with organizational goals and risk tolerance.

      Knowledge, Skills, and Abilities:

      • Bachelor’s degree in computer science, information security, business administration, or related field
      • Master’s degree, preferred
      • 7+ years of cybersecurity experience, with at least 3+ years in security architecture or engineering roles.
      • Expertise in hybrid cloud security (AWS, Azure) and on-premises security architectures. Strong knowledge of network security, IAM, endpoint security, data security, and cloud security controls.
      • Hands-on experience implementing and managing security frameworks (HIPAA, HITRUST, SOX, SOC 2 Type II, NIST, ISO 27001, CIS Controls).
      • Proficiency in threat modeling, risk assessment, and security control design.
      • Hands-on experience with SIEM, EDR, DLP, IAM, ZTNA, and SASE technologies.
      • Strong understanding of compliance, governance, and auditing best practices.
      • Familiarity with secure DevOps methodologies, CI/CD security, and Infrastructure-as-Code (IaC).
      • Security Frameworks & Standards: NIST CSF, ISO 27001, HIPAA, HITRUST, SOX, SOC 2 Type II, CIS Controls
      • Architecture Frameworks: TOGAF and SABSA
      • Cloud Security: AWS Security Hub, Azure Security Center, cloud-native IAM, encryption, and monitoring.
      • Networking & Infrastructure Security: Firewalls, VPNs, IDS/IPS, microsegmentation, Zero Trust.
      • Application Security: OWASP Top 10, secure SDLC, DevSecOps, CI/CD security.
      • Data Security & Privacy: Encryption, DLP, data classification, GDPR, CCPA compliance.
      • Identity & Access Management: IAM, PAM, MFA, SSO, SAML, Auth, LDAP.
      • Threat Detection & Response: SIEM, EDR, DR, threat intelligence, security automation.
      • Strategic Thinking: Ability to align security initiatives with business goals.
      • Communication: Strong verbal and written skills for technical and non-technical audiences.
      • Collaboration: Experience working in cross-functional teams and with executive leadership.
      • Problem-Solving: Analytical mindset to diagnose and resolve security challenges.
      • Leadership: Ability to mentor and coach teams while driving a security-first culture.
      • Security certifications such as CISSP, CISM, CCSP, Azure Security Engineer, AWS Security Specialty, GIAC (GCSA, GSEC, CIA, GPEN, etc.) preferred
      • Experience with medical/healthcare security risks and regulations preferred
      • Knowledge of container security (Kubernetes, Docker) and cloud-native security solutions preferred
      • Experience with automation, scripting, and security orchestration (Python, PowerShell, Terraform, etc.) preferred

      CERTIFICATES AND LICENSES:

      • CISSP
      • CISM
      • CCSP
      • Azure Security Engineer
      • AWS Security Specialty
      • GIAC (GCSA, GSEC, CIA, GPEN, etc.)
