Role Description :
This position is responsible for managing the security and safety program of the company. Plan, develop, and implement electronic security systems;
perform related work research, design, develop and implement technology based security systems, software and networks; design, install, and maintain company’s building security cameras.
Manage, supervise and direct the security area and security programs such as but not limited to; Identity & Access Management, Data Loss Prevention, Monitoring & Reporting, Application & Data Protection, Business Continuity Planning and Disaster Recovery.
Partner and collaborate with peers and associates within the enterprise and out-tasked vendors ensuring the highest levels of Confidentiality, Integrity and Availability.
Serve as IT focal point for security incident response planning and implementation.
Enhance existing information security policy and facilitate the training for all associates identified in the policy as well as provide guidance to IT security staff.
Determine threats, identify risks and vulnerabilities to the organization, research security breaches and recommend corrective actions.
Address security risk scenarios such as business disruption, massive security breaches or loss of critical corporate information in addition to monitoring compliance with security policies.
Consult, drive strategy, and develop programs to manage access control to data / entry points.
Provide oversight, leadership and direction for all IT Security initiatives including IT SOX, HIPAA, other compliance regulations and Business Continuity and Disaster Recovery.
Maintain a good working knowledge of the day-to-day operating environment, available tools, operating techniques, and end-
Strong leadership skills; ability to define, lead and implement security, privacy and compliance initiatives across multiple business units and functions.
Technical proficiency in security-related hardware and software; ability to function as a risk and security consultant to other IT groups and business partners on security matters.
Oversee operating budget for the unit and monitor expenditures, costs, time, and manpower.
Education and Experience :
Bachelors Degree in Computer Engineering or related field is required
Master’s degree in information systems, computer science or related discipline is preferred
Minimum ten (10) years experience within Information Technology, at least five (5) years of experience as Senior Manager dealing in management, policy and security and at least three (3) in healthcare industries (preferably)
Experience in developing and administering an information security program is desirable
CISSP, CISM or CISA certifications are a plus
Proven and experienced professional with progressive experience in establishing and managing corporate wide IT security, risk, security audit strategies and initiatives
Deep understanding and experience with privacy / regulatory compliance including information security enterprise risk assessments, regulations remediation, data protection and strategy
Must have experience in developing and creating policies in support of compliance initiatives with excellent knowledge of Sarbanes-
Oxley requirements, Health Insurance Portability and Accountability Act, internal IT Audit Standards and Risk Management
Clearly communicate in English and Spanish to management