In this role you will be accountable for all security-related compliance and delivery for the customers assigned. In a typical engagement, you operate as a trusted advisor in the organization, working with senior management and focusing specifically on health care industry-regulated security requirements and environments in relation to client business objectives. The role helps to understand operational issues and to plan next steps from an information security viewpoint.
Position description:
- Compliance and operational focused.
- Lead Security operational governance activities, Multi-3rd party services, and Dedicated or shared (industry) services.
- Ensure delivery excellence in security tooling and business operations (ensuring avoidance of non-performance / non-compliance contractual penalties).
- Relationship management with client suppliers to client.
- Maintain an account security plan for the selected account(s) and Products.
- Manage and report security incidents.
- Ensure Audit preparation, facilitation and remediation.
- Manage Security Risk and Exception to standards management.
- Ensure knowledge and implementation of security fundamentals, policies and standards (regulatory and contractual).
- Escalate and resolve Security Incidents with the Security Incident Response team.
- Coordinate delivery of Security Metrics and Reporting in support of contractual commitment.
Requirements:
- 8+ years’ experience working in a risk management, audit, security or technical delivery role. Experience as a Security consultant, architect and/or engineer.
- CISSP or CISM Certification is required.
- SIMM and SAM knowledge required for Compliance.
- Project Experience requirements:
  - A solution that integrates at least two applications, one of which is a COTS.
  - A solution that interfaces with at least five external systems, at least one (1) of which is real-time.
  - A solution that is accessed by at least one thousand (1,000) users at multiple locations.
  - A solution that has a contract value of at least ten million ($10,000,000) dollars.
  - A solution that includes multi-tiered processing, including a customer or User facing front-end optimized for multiple User interface platforms.
- Experience of security processes and standards, in particular NIST 800-53, and/or ISO27001.
- Ability to influence Delivery personnel in the execution of security and compliance requirements.
- Experience in IT outsourcing business or 5+ years in industry vertical. CISSP certification, CISM/CISA or CRISC a plus.
Details:
- Candidate must be based in California with flexibility to travel and work onsite as needed.
- Functionally reports to the Information Security Leader as part of the office of the Chief Information Security Officer to coordinate effort, solutions, and promote Security Practices.
- Works in conjunction with the Account Delivery Executive.
- Partners and collaborates with Information Security staff and partners to leverage existing solutions and promote common standards.