UAB Medicine · 3 weeks ago
Information Security Architect - PCI/GRC
Birmingham, AL
Full-time
Onsite
Senior Level
$126K/yr - $206K/yr
6+ years expUAB Medicine is Alabama’s largest single-site employer and operates over 1,200 beds and over 200 clinics. The Information Security Architect will lead the Enterprise Payment Card Industry Assessments program, develop partnerships for PCI compliance, and serve as a PCI DSS expert within the Health System.
BiotechnologyHealth CareManufacturingPharmaceutical
Responsibilities
Lead the Enterprise Payment Card Industry Assessments program
Develop partnerships with Health System departments to aid in PCI compliance
Serve as a PCI DSS expert for the Health System as it relates to current and future processes, applications, documentation, and products
Promote awareness and training of PCI principles, requirements, and security best practices
Provide technical expertise to departments completing SAQs
Qualification
Required
Bachelor's degree in Information Systems or a related field and six (6) years of related experience required
Work experience may substitute for education requirement
Preferred
Certified Information Systems Security Professional (CISSP) certification preferred
One of the following certifications preferred: CISSP, CCNA, CEH, OSCP, GPEN
Experience with two or more programs outlined below in a Healthcare setting preferred: IT Risk Management, Performing risk assessments on vendors, departments, systems and facilities, Working alongside business/system owners to remediate risk findings, Administrating GRC system (LogicGate, MetricsStream, Archer, etc.), Following up with vendors where risk items have been identified for remediation, Working with risk owners to document remediation plans and exceptions, Assessing risk of vulnerabilities of assets on the network, Mapping risk findings to common controls, Determining risk of firewall requests, Documentation of control procedures, Assist with development of controls assurance program, Compliance Management (PCI, HIPAA, NIST, URAC, Meaningful Use, etc.), Coordinating technical application risk assessments that meet PCI requirements, Coordinating pen test, risk assessment and compliance assessments with external assessors
Assisting with the implementation of a cybersecurity framework and controls (PCI NIST CSF, CIS top 20, etc.)
Performing Self-Assessment Questionnaires (SAQ) for PCI compliance
Network Security
Working knowledge of TCP/IP, HTTP, SSL, SSH and other networking protocols
Ability to assess network segmentation to meet compliance requirements
Understanding of industry best practices for network baseline configuration
Reviewing firewall requests to determine risk to organization
Managing network configuration tools such as (tufin, redseal, voyance, etc…)
Benefits
100% tuition assistance
Wellness initiatives
Generous paid time off
Paid parental leave
Public Service Loan Forgiveness Program eligible employer
Plus more
Company
UAB Medicine
UAB medicine is a pharmaceutical company, it's operate in many country, mainly manufacturing heart problems medicine.
10001+ employees
H1B Sponsorship
UAB Medicine has a track record of offering H1B sponsorships. Please note that this does not
guarantee sponsorship for this specific role. Below presents additional info for your
reference. (Data Powered by US Department of Labor)
Distribution of Different Job Fields Receiving Sponsorship
Represents job field similar to this job
Trends of Total Sponsorships
2025 (101)
2024 (84)
2023 (54)
2022 (62)
2021 (59)
2020 (57)
Funding
Current Stage
Late StageLeadership Team
Doug Brewer
President, Tombigbee Healthcare Authhority and CEO, Whitfield Regional Hospital
Terri Poe
Chief Nursing Executive
Recent News
Bizjournals.com Feed (2025-11-12 15:43:17)
2026-01-13
Bizjournals.com Feed (2025-11-12 15:43:17)
2026-01-05
2025-10-30
Company data provided by crunchbase