Senior Architect, Information Security

at Edwards Lifesciences in Springfield, Illinois, United States

Job Description

Innovation starts from the heart. Making a meaningful difference to patients around the world. At Edwards Lifesciences, we’re dedicated to developing ground-breaking technologies with a genuine impact on patients’ lives. At the core of this commitment is our investment in cutting-edge information technology. This supports our innovation and collaboration on a global scale, enabling our diverse teams to optimize both efficiency and success. As part of our IT team, your expertise and commitment will help facilitate our patient-focused mission by developing and enhancing technological solutions.

Edwards Lifesciences is hiring a Sr. Architect for our growing Cyber Security GRC team. In this role, you will be part of the Security Risk Management team primarily driving the Issues & Exceptions Management program and responsible for delivering exceptional quality decision making and partnership to Business, IT (Information Technology) and Security teams. You should innovate, challenge the status quo, embrace operational excellence, standardize processes, and use automation and emerging technologies to enhance delivery of your work product.

The Sr. Architect role will support cybersecurity governance and risk management by designing, developing and recommending secure solutions, including policy, standards, processes, applications, systems, architectures, and infrastructure that are operationally viable and efficient. You will ensure appropriate application of security products and technologies to protect Edwards’ systems and information which enable achievement of Edwards’ business objectives. You will also perform analysis of emerging cybersecurity frameworks and best practices, architectures and solutions to enforce secure policy/standards conformance. This position reports to the Sr. Manager of Security GRC. The scope of this position is global and enterprise wide and considers the information security implications unique to all Edwards divisions when developing governance and risk management strategies.

How you’ll make an impact…

+ Conduct security risk assessments across different IT applications and business processes across Edwards and support in maturing risk management processes to effectively manage and mitigate cybersecurity risk at scale

+ Conduct targeted risk assessments based on NIST/ISO frameworks and industry requirements

+ Triage risk to accurately capture and track them in the GRC toolSupport documentation, review, and enhancement of the risk management standard, methodologies, policy and operating procedures

+ Evaluate mitigation and remediation efforts including the design and effectiveness of operational controls, based on industry best practice models in accordance with threats, risk and compliance requirement

+ Develop, manage, and enhance risk reporting metrics such as KRIs and KPIs

+ Facilitate and support the enterprise-wide risk assessment activities

+ Integrate risk and issue management programs, and identify metrics to measure effectiveness of the integrationsProvide subject matter expertise on issues tracked by issue management

+ Develop and maintain strong relationships based on trust and transparency with primary business partners and third-party contacts

What you’ll need (Required):

+ Bachelor’s degree in information security, Computer Science, Computer Engineering or a related field.

+ A minimum of 10 years security related technology experience focusing on IT architecture, infrastructure, application development, etc.

What else we look for (preferred):

+ Technical knowledge on how to identify and implement security requirements during architecture reviews

+ Possess expertise in valuing and implementing industry standards such as the ISO 27001/2, SOC 2, NIST CSF, HITRUST and FedRAMP Information Security standard.

+ Experience with implementation and operational use of GRC toolsets (Governance Risk and Compliance)

+ Experience in assess and managing risk in manufacturing and IT environments

+ Possess CISSP certification (or similar) and knowledge of national and international regulatory compliances and frameworks such as ISO, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS.

+ Excellent organization and time management skills

+ Excellent verbal and written communication skills and customer focused skills

+ Ability to manage competing priorities in a fast-paced environment

Aligning our overall business objectives with performance, we offer competitive salaries, performance-based incentives, and a wide variety of benefits programs to address the diverse individual needs of our employees and their families.

For California, the base pay range for this position is $138,000 to $196,000 (highly experienced).

The pay for the successful candidate will depend on various factors (e.g., qualifications, education, prior experience). Applications will accepted while this position is posted on our Career website.

Edwards is an Equal Opportunity/Affirmative Action employer including protected Veterans and individuals with disabilities.

COVID Vaccination Requirement

Edwards is committed to protecting our vulnerable patients and the healthcare providers who are treating them. As such, all patient-facing and in-hospital positions require COVID-19 vaccination. If hired into a covered role, as a condition of employment, you will be required to submit proof that you have been vaccinated for COVID-19, unless you request and are granted a medical or religious accommodation for exemption from the vaccination requirement. This vaccination requirement does not apply in locations where it is prohibited by law to impose vaccination.