IT Sr. Architect, Information Security, Homebased in US

Innovation starts from the heart. Making a meaningful difference to patients around the world. At Edwards Lifesciences, we’re dedicated to developing ground-breaking technologies with a genuine impact on patients’ lives. At the core of this commitment is our investment in cutting-edge information technology. This supports our innovation and collaboration on a global scale, enabling our diverse teams to optimize both efficiency and success. As part of our IT team, your expertise and commitment will help facilitate our patient-focused mission by developing and enhancing technological solutions.

Edwards Lifesciences is hiring a Sr. Architect for our growing Cyber Security GRC team. In this role, you will be part of the Security Risk Management team primarily driving the Issues & Exceptions Management program and responsible for delivering exceptional quality decision making and partnership to Business, IT (Information Technology) and Security teams. You should innovate, challenge the status quo, embrace operational excellence, standardize processes, and use automation and emerging technologies to enhance delivery of your work product.

The Sr. Architect role will support cybersecurity governance and risk management by designing, developing and recommending secure solutions, including policy, standards, processes, applications, systems, architectures, and infrastructure that are operationally viable and efficient. You will ensure appropriate application of security products and technologies to protect Edwards’ systems and information which enable achievement of Edwards’ business objectives. You will also perform analysis of emerging cybersecurity frameworks and best practices, architectures and solutions to enforce secure policy/standards conformance. This position reports to the Sr. Manager of Security GRC. The scope of this position is global and enterprise wide and considers the information security implications unique to all Edwards divisions when developing governance and risk management strategies.  

You will make an impact by…  

  • Understanding, assessing, and formally articulating security risks for which our business partners are seeking exceptions. 
  • Creating the process and criteria around Issues & Exceptions management to collaborate across various teams within and outside Information Security. 
  • Delivering high quality risk acceptance documentation with clearly articulated risks and business impact to leadership for their approval 
  • Ensuring that remediation action plans are designed to appropriately mitigate security risk. 
  • Supporting business and product release commitments by driving risk acceptance for unmitigated security risks across key partners 
  • Preparing monthly reporting for the Security Steering committee 
  • Creating and maintaining relationships with key business, legal, privacy, Internal Audit, technical engineering and IT collaborators, and other organizations throughout the company who guide in security requirements and Security Risk detection programs 
  • Identifying and creating metrics and dashboards to quantify and measure the impact of security Issues & exceptions management (IEM) processes that you drive 
  • Curating & summarizing risk insights to IT and Security leadership team 
  • Effectively communicating Risk Acceptance positions and programs to applicable business partners 

What you’ll need (Required):  

  • Bachelor’s degree in information security, Computer Science, Computer Engineering or a related field.  
  • A minimum of 10 years security related technology experience focusing on IT architecture, infrastructure, application development, etc.  

What else we look for (preferred):

  • Technical knowledge on how to identify and implement security requirements during architecture reviews 
  • Possess expertise in valuing and implementing industry standards such as the ISO 27001/2, SOC 2, NIST CSF, HITRUST and FedRAMP Information Security standards. 
  • Experience with implementation and operational use of GRC toolsets (Governance Risk and Compliance) 
  • Experience in assessing and managing risk in manufacturing and IT environments 
  • Possess CISSP certification (or similar) and knowledge of national and international regulatory compliances and frameworks such as ISO, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS. 
  • Excellent organization and time management skills 
  • Excellent verbal and written communication skills and customer focused skills 
  • Ability to manage competing priorities in a fast-paced environment 

Aligning our overall business objectives with performance, we offer competitive salaries, performance-based incentives, and a wide variety of benefits programs to address the diverse individual needs of our employees and their families.

For California, the base pay range for this position is $138,000 to $196,000 (highly experienced).

The pay for the successful candidate will depend on various factors (e.g., qualifications, education, prior experience). Applications will be accepted while this position is posted on our Career website.

Edwards is an Equal Opportunity/Affirmative Action employer including protected Veterans and individuals with disabilities.

COVID Vaccination Requirement

Edwards is committed to protecting our vulnerable patients and the healthcare providers who are treating them. As such, all patient-facing and in-hospital positions require COVID-19 vaccination. If hired into a covered role, as a condition of employment, you will be required to submit proof that you have been vaccinated for COVID-19, unless you request and are granted a medical or religious accommodation for exemption from the vaccination requirement. This vaccination requirement does not apply in locations where it is prohibited by law to impose vaccination.