Intuitive Surgical Careers
Systems Security Architect
Primary Location: United States-California-Sunnyvale-US-CA-Sunnyvale
Requisition ID: 180159
Who is Intuitive Surgical? The numbers tell an amazing story. Learn more about our company.
Systems Security Architect is responsible for evaluating and developing and implementing security architecture designs and technology solutions to address current and emerging security risks. This individual will collaborate with both internal and external partners to ensure that technology decisions fit and support business objectives, including regulatory, availability, confidentiality, and data integrity.
If you exemplify our values and want to be part of Company that is really passionate about providing value for the patients and customers we serve, this is the role for you.
Roles and Responsibilities:
• Define and implement an overall information security architecture, which is aligned with IT strategies and principles, to address internal/external threats as well as all platforms (application, network, mobile).• Assist with the development, implementation, and management of security controls, processes, and policies as a result of analysis, research, and recommendations• Promote the enterprise architecture process, its outcome and ongoing results by mentoring IT staff• Identify and implement process improvements in the architecture and/or infrastructure of existing systems in regards to Information Security• Perform security reviews of server / network / web application design within a virtualized environment and ensure compliance with Company security policies and security best practices.• Acquire a complete understanding of a company’s technology and information systems, Plan, research and design robust security architectures for any IT project• Contributes to the alignment of security governance with IT architecture governance and project and portfolio management (PMO).• Serves as a security expert in application development efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices.• Collaborate across teams to build and maintain creative solutions to security problems.• Acts as a technical consultant for the enterprise, ensuring security design for systems align with business needs, architecture and technical standards.• Conduct risk assessments of new development efforts as well as externally purchased applications and web services• Evaluate new technologies and processes that enhance security capabilities• Recommend and design security controls to support the data security needs of systems being developed or acquired.• Develop information security policies, standards, and procedures; and assist in resolving security policy issues and implementing security procedures.• Oversee security awareness programs and educational efforts• Analyze potential impact of new threats and exploits, develop and implement solutions to mitigate those threats, and communicate risks to relevant business units• Researches, designs and advocates new technologies, methodologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners and vendors.• Respond immediately to security-related incidents and provide a thorough post-event analysis, Update and upgrade security systems as needed• Proactively reviews and analyzes new or proposed security systems, tools and methodologies, assessing their risk and their value in support of security strategy and corporate goals.• On an ongoing basis conduct security assessments and audits of IT's application and infrastructure portfolio to identify determine issues, weaknesses and gaps in processes and technology• Achieve security architecture compliance on requirements, including but not limited to: Sarbanes-Oxley, HIPAA/HITECH, data privacy, and state and federal regulations
• BA/BS degree in Computer Science, a related technical field or equivalent practical experience.• 10+ years of combined IT and security work experience in application development, with a broad exposure to application and multi-platform environments.• Active Industry Standard Security certifications including: SANS, GIAC, CEH, CISA, CISSP, and CSSLP.• Knowledge of a relevant enterprise architecture methodology (for example, the Zachman Framework or TOGAF or SABSA).• Expert knowledge of security issues, techniques and implications across all existing computer platforms.• Strong conceptual thinking and communication skills — the ability to conceptualize complex business and technical requirements into comprehensible models and templates.• Strong team-oriented interpersonal and communication skills; ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding• Ability to work well under minimal supervision.• Proven ability in application security process and organizational design.• Experience in software-based networking technologies and SDN management interaction between applications and orchestration systems (API).• Experience working with multiple operating systems.• Experience securing scalable web architectures and distributed systems• Experience securing and architecting cloud based infrastructures (e.g. MS Azure, Amazon AWS and Google)• Expert experience in evaluating and assessing security threats across a variety of environments and industries• Knowledge of PCI and SOX controls• Must be self-driven and motivated• Flexible, adaptable, and able to manage multiple tasks in a dynamic, fast-paced environment.• Hands-on information security experience with security architecture, network security, and/or computing platform security