Vacancy expired!
- Ensure security configuration compliance with requirements, including but not limited to HIPAA/HITRUST and state and federal regulations.
- Administer security toolsets; assist in working with external security vendors and the technical systems team in defining the scope of internal and external vulnerability scans and penetration tests.
- Develop and deliver security awareness training for the organization.
- Assist with developing and implementing global security policies, standards, and procedures.
- Ensure the confidentiality, integrity, and availability of the data residing on or transmitted through the organization’s systems, applications, databases, and any other data repositories. Detect any unauthorized attempts to access the system. Collaborate with the technical services team and cross-functional departments to remediate security risks.
- Assist in performing information technology risk assessments.
- Provide recommendations for additional security solutions or enhancements to controls to improve the overall security and “defense-in-depth” strategy.
- Assist in the deployment, integration, and initial configuration of all new security solutions and any enhancements to security solutions in accordance with established best practices and standards.
- Research, develop, implement, test, and review the organization’s information security to protect information and prevent unauthorized access.
- Maintain up-to-date knowledge of the IT security industry, including awareness of new or revised security solutions, improved security processes, and the development of new attacks or threat outbreaks. This should include continuation of education and certifications to maintain compliance with regulatory requirements and guidelines.
- Maintain documentation and evidence gathering for reporting and incident analysis.
- Proficient in Windows operating environment using Microsoft Office applications, email, and internet programs.
- Strong experience as an information security professional, with advanced experience developing, documenting, and driving the adoption of information security standards and procedures.
- Strong background with firewall products, intrusion detection systems, DMZ, IPSec, DNS, SMTP, HTTP proxies, etc.
- Knowledge of security best practices across multiple platforms, such as Microsoft Windows, Microsoft Office 365, and Cisco IOS.
- Strong project management skills.
- Strong written and verbal communication skills, time-management skills, and the ability to prioritize tasks efficiently.
- Experienced in GRC tools—such as KnowBe4 KCM—to document risks, security exceptions, security incidents, policies, standards, and control procedures.
- CISSP or similar certification in information security preferred.
- A minimum of a bachelor’s degree—preferably in cybersecurity or a similar discipline—and five years’ experience with security management frameworks (e.g., NIST, SANS, SCS). An equivalent combination of education, training, and experience will be considered.