Duke Health requires team members to receive the COVID-19 and influenza vaccines. After you have officially accepted a position at Duke Health, you may request a religious or medical accommodation.
Cloud Security Architect - Duke Health Technology Solutions - Durham
The Cloud Security and Identity Management Architect is responsible for providing technical expertise on areas of Identity and Access Management (IAM) security architectures in Duke Health’s cloud environments, to support next-generation Duke Health clinical, research, and business applications. This position will serve as a central representative of Information Security for all IAM matters related to cloud security within Duke Health, including role-based security, application security, security architecture, policy enforcement, directory, platform security and security frameworks. The successful candidate will have a deep technical understanding of IAM and cloud-based security architectures as well as excellent interpersonal and communication skills required for partnering with other leaders across the organization to deliver effective and scalable solutions.
Duties and Responsibilities
- Develop a deep understanding of Duke Health’s cloud presence and architecture in both cloud and hybrid cloud environments.
- Develop a strategy and road map for IAM in the Duke Health cloud environment.
- Establish IAM and Directory related standards to support innovative infrastructure solutions for both operational and research needs that is scalable, flexible, and resilient.
- Evangelize and drive the adoption of solutions to address complex IAM problems.
- Participate in IAM enterprise governance processes.
- Design and develop security architectures for cloud and hybrid cloud systems. Possess a firm understanding of the offerings within Microsoft Azure, Amazon Web Services and Google Cloud Platform.
- Develop, build and secure cloud infrastructure (multi-cloud experience preferred), such as containers, virtual machines, databases, networking, security monitoring and administration.
- Work directly with Security Operations, GRC and Program Management teams to develop documentation, monitoring, metrics, and playbooks for integration of services into existing Information Security Office Programs.
- Maintain an understanding of available cloud platform services and technologies, their cost structures, and architectures that promote integration and security.
- Serve as a cross-platform technical subject matter expert and provide consulting support as required for cloud and cloud IAM technologies.
- Maintain an understanding of HIPAA, NIST and FISMA regulations and frameworks.
- Contribute responses to internal and external audit inquiries as required.
Level 1, 2, and 3 - Bachelor's degree in a related clinical or technical field or four years of equivalent experience required
Level 1 and 2: N/A
Level 3: One or more information security industry certifications (e.g. CISSP, CISM, CISA, CEH, or equivalent) are required
Level 1 - No experience required beyond the minimum education (or equivalency) requirement.
Level 2 - Two years of related experience is required.
Level 3 - Four years of related experience is required.
Level 3 - A Master’s degree in computer science, information systems, business management, engineering, mathematics, healthcare, a physical science, or other related field is preferred.
- Current certification(s) for Microsoft Azure with an understanding of both AWS & GCP are preferred.
- One or more information security industry certifications (e. g. CISSP, CEH, GIAC certifications, or equivalent) are preferred.
- Additional technical or management certifications (e.g. MCSE, CCNP, CCIE, or PMP) are preferred.
- 10 years of experience with Security Architecture and/or Engineering are preferred.
- 3 to 5 years of experience with Cloud platforms such as AWS, Azure, CGP are preferred.
Knowledge, Skills and Abilities
- Experience with architecting solutions within Azure, AWS and/or GCP
- Experience with assessment, development, implementation, and documentation of a broad set of security technologies and programs such as:
- Databases, LDAP and directory services
- Data protection and loss prevention
- Identity and Access Management
- Web Application Protection
- Key Management
- Incident Detection and Prevention
- Security Event Management
- Experience with deployment orchestration, automation and security configuration management preferred
- Experience presenting technical viewpoints to a diverse audience and making timely recommendations based on risk
- Proven ability to analyze customer requirements and translate into effective solutions
- Experience working in an Agile/DevOps environment and Agile backlog management is preferred
- Experience automating tasks using tools such as Ansible, Python, and PowerShell
- Understand network topologies, firewall rules, certificate management, load balancing
- Strong interpersonal and communication skills; ability to work in a team environment
- Ability to work independently with minimal direction
- Excellent written and oral communication skills
- Excellent customer service skills
- Excellent critical thinking, troubleshooting, problem solving skills
Duke is an Affirmative Action/Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or veteran status.
Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas—an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it is essential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values.
Essential Physical Job Functions: Certain jobs at Duke University and Duke University Health System may include essentialjob functions that require specific physical and/or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department.
Jobs For You
As you search for opportunities that fit your skills, any jobs you view will appear here.
You haven’t saved any jobs yet, but when you find an opportunity that seems right for you, bookmark it so you can return to it easily.
As you explore and apply to career opportunities with Duke Health, we want to alert you of possible fraudulent scams and phishing schemes targeted at job seekers. Duke Health will never ask for any financial contribution or to provide sensitive personal information outside of our application and background check process.