| City/State:Yonkers, New York Grant Funded:No Department:IT - Technology & Cloud Services Work Shift:Day Work Days:MON-FRI Scheduled Hours:9 AM-5:30 PM Scheduled Daily Hours:8.5 HOURS Pay Range:$156,000.00-$195,000.00 In office 4-6 times a year, or as needed. Key Responsibilities: 
 Design, develop, and implement secure, resilient cloud architecture, aligning with business objectives and regulatory standards.Lead the development of blueprints, design patterns, and reusable architecture frameworks for secure cloud deployments.Establish and enforce best practices for securing cloud environments, including network segmentation, data encryption, and identity access management, specifically tailored for cloud services.Develop governance policies and guardrails for cloud usage across business units, ensuring consistent application of security controls.Identify, assess, and prioritize cloud security risks, implementing appropriate mitigation strategies.Integrate security monitoring, logging, and alerting with existing SIEM to proactively manage threats.Design least-privilege IAM roles, fine-grained access policies, security groups, that integrate with existing privileged access management and multi-factor authentication mechanisms.Integrate identity federation and single sign-on (SSO) solutions with enterprise IAM solutions.Architect encryption strategies for data at rest, data in transit, and data in use that integrate with the enterprise HSM.Develop and enforce data protection policies, ensuring sensitive data is managed securely and complies with relevant data protection regulations.Develop security automation practices using Infrastructure as Code (IaC) tools.Design and oversee the implementation of comprehensive cloud native cybersecurity solutions that protect the organization's critical assets.Ensure that the company cloud architecture complies with relevant laws, regulations, and industry standards (e.g., HIPAA, HITECH, NYSDOH 405.46, HITRUST, etc.).Engage with external stakeholders, including vendors, partners, and regulators, to ensure the organization's cloud cybersecurity posture is robust and aligned with industry standards.Lead cross-functional teams in the design and implementation of cloud native security solutions, ensuring collaboration and alignment across the organization.Lead the continuous improvement of the organization's cloud cybersecurity architecture, ensuring it evolves to address new threats and challenges.Stay informed of the latest developments in cybersecurity, participating in professional networks and continuing education opportunities. Required Skills and Knowledge: This position requires advanced skills in Terraform, Python, AWS Security Services, SCP/IAM Policy - JSON, CNAPP Tooling, AWS Config/Conformance Packs. 
 Deep understanding of cloud-based cybersecurity principles, including encryption, authentication, access control, and network security.Extensive experience in designing and implementing cybersecurity architectures for complex, enterprise cloud environments.Familiarity with common enterprise architecture frameworks including SABSA, OESA, TOGAF and similar.Expertise in cloud security, identity and access management (IAM), and security information and event management (SIEM) systems.Ability to translate research findings into practical solutions that address real-world security challenges.Strong strategic thinking skills, with the ability to develop and execute long-term cybersecurity plans.Ability to lead large-scale cybersecurity initiatives and projects, ensuring alignment with organizational goals.Excellent communication skills, with the ability to present complex technical information to both technical and non-technical audiences.Strong interpersonal skills, with the ability to build relationships and influence stakeholders at all levels of the organization.Experience in collaborating with cross-functional teams, including IT, legal, compliance, and business units. Required Experience: 
 Experience: 10+ years of experience in cybersecurity, with a focus on solution design, architecture, and leadership.Experience in Leadership: Extensive experience leading cybersecurity teams and initiatives at a senior level.Experience in Solution Architecture: Hands-on experience designing and implementing cybersecurity solutions in large, complex organizations. Education: 
 Master's degree or equivalent experience in Cybersecurity, Computer Science, Information Security, or a related field. Certifications (Preferred but not required): 
 AWS Certified Solutions Architect (Professional)AWS Certified SecurityAWS Certified AI PractitionerMicrosoft Certified Cybersecurity Architect ExpertEC-Council's Certified Network Defense Architect (CNDA)GIAC Defensible Security Architecture (GDSA)ISC2's CISSP - ISSAP (Information Systems Security Architecture Professional) Personal Attributes: 
 Visionary Leadership: Ability to inspire and lead teams towards a shared vision of cybersecurity excellence.Curiosity and Innovation: A natural inclination to explore new technologies and push the boundaries of what is possible in cybersecurity.Integrity and Ethics: Commitment to ethical behavior and adherence to the highest standards of professional conduct.Resilience and Adaptability: Ability to navigate and lead in a fast-paced, ever-changing cybersecurity landscape.Strategic Thinking: Ability to see the big picture and develop long-term strategies that align with organizational goals. This position requires advanced skills in Terraform, Python, AWS Security Services, SCP/IAM Policy - JSON, CNAPP Tooling, AWS Config/Conformance Packs. #SF-DICE #SF-LI-SCMontefiore Health System, Inc. is an equal employment opportunity employer. Montefiore Health System, Inc. will recruit, hire, train, transfer, promote, layoff and discharge associates in all job classifications without regard to their race, color, religion, creed, national origin, alienage or citizenship status, age, gender, actual or presumed disability, history of disability, sexual orientation, gender identity, gender expression, genetic predisposition or carrier status, pregnancy, military status, marital status, or partnership status, or any other characteristic protected by law. |