Network Security Manager

Galen College of Nursing is looking for a Network Security Manager to be responsible for delivering best practices, solutions, and services related to the confidentiality, integrity, and availability of business-critical network and security infrastructure and information across the organization. The position works closely with IT and other departments to understand, define, prioritize, and deliver solutions based on current and future business needs and compliance requirements. This responsibility includes protecting networks, local and remote users, cloud hosted and locally installed applications and services, operating systems, endpoints, and mobile devices. Key security focus areas for this position are incident response, security awareness, forensics, and audit compliance. This individual will also assist with governance, especially to ensure that Galen College complies with the Gramm-Leach-Bliley Act (GLBA), the Family Educational Rights and Privacy Act (FERPA), Payment Card Industry and public key infrastructure (PCI/PKI) standards, and the Information Security Policies and Standards of HealthTrust and HCA.

• Day-to-day management of information security environments, and related networking and telecommunications equipment, services, tools, standards, policies, and contracts
• Maintain information security devices and software, including firewalls, email and web content filters, O365/Azure security center, virtual private networks (VPN), demilitarized zones (DMZ), virtual local area networks (VLANs), access control lists (ACLs), security of routers and switches, workstation encryption, vulnerability management, and patching
• Recommend capital expenditures related to security and network, and coordinate the outsourced services and budget to supplement Galen staffing based on workload, experience, risk, and service delivery timelines
• Lead the identification, forensic analysis, response, investigation, and remediation of security events, incidents, and potential security breaches from phishing, malware, data loss prevention, large file upload, or other suspicious activities
• Review, develop, test, and implement security plans, products, and control techniques, and translate security policies and standards to non-security personnel
• Provide management with up-to-date information on the different threats and security vulnerabilities that the organization may face
• Execute programs for security awareness training and compliance monitoring of staff, faculty, students, applicants, alumni, and contracted third-party service providers
• Maintain appropriate security measures and mechanisms to guard against unauthorized access to electronically stored or transmitted information and reasonably protect against anticipated threats and vulnerabilities
• Monitor compliance procedures, resolve security policy issues, and ensure compliance through adequate training programs and oversight of periodic internal security audits
• Evaluate, develop, and maintain disaster recovery and business continuity readiness
• Review and recommend technical standards appropriate to information security and network operations

• Excellent risk management, analytical, teamwork, project management, and prioritization
• Professional, self-motivated, and customer service-oriented
• Ability to learn new technologies and applications quickly, and apply that to daily tasks
• Bachelor’s degree in information technology, computer science, or comparable experience, with demonstrated skills in networking, security, data storage, and telecom technologies.
• 3+ years of progressive experience planning, coordinating, implementing, and managing moderately complex IT network and security technologies (Cisco and security industry certifications a plus)
• Proficient with tools, techniques, countermeasures, and trends in network and computer threats and exploits, including network traffic analysis and packet capture
• Broad knowledge across all aspects of IT, with in-depth understanding of Local and Wide Area Networks (LAN/WAN), operating systems and applications, including Windows, Linux, Cisco, and Microsoft Office
• Proven experience with disaster recovery and business continuity practices, and management of data center and telecommunication closets
• Excellent verbal and written communication skills with demonstrated ability to interface with and influence all levels of management
• Periodic after-hours work, for security incident management. Light travel required for renovation or construction projects (<10%)