Summary
Overview
The Information Technology (IT) Security Manager will lead IT Security & Risk Management and is responsible for protecting all IT resources and related information assets. This includes but is not limited to daily operations of the IT security program, managing the development of the risk management strategy, implementing and refining security monitoring applications and processes, and managing security testing methodologies including the Business Continuity and Disaster Recovery program. The IT Security Manager also serves as the company IT Security Officer for Health Insurance Portability and Accountability Act (HIPAA) purposes.
Responsibilities
Essential Duties and Responsibilities:
- Develop and maintain a comprehensive technology risk management strategy with key business and IT stakeholders that minimizes risk and ensures the integrity, confidentiality and availability of information that is owned, controlled, stored and processed within the business’ systems and networks. Ensure the program considers operational, regulatory/statutory, financial, technical, and security processes, policies and
- Design, install and manage IT security monitoring applications, processes, operating procedures and security testing methodologies to enhance security and optimize system and network
- Assess, recommend and implement appropriate tools and techniques, including but not limited to identity management and firewalls.
- Develop and maintain an IT Risk Management program to continuously identify, assess, remediate, measure, and monitor IT information risks, identifying actionable areas to make risk-based IT investment decisions that reduce the overall IT risk environment.
- Achieve alignment throughout IT to ensure technology risks are visible to the business and included in the overall risk rating for site and/or critical business processes, coordinating with other key stakeholders.
- Conduct IT risk assessments of corporate offices and remote locations to assess the level of technology risk and the risk it inflicts on critical business processes. Develop, document and track IT risk remediation plans and gain appropriate business alignment and coordination for mitigating identified risks.
- Ensure the disaster recovery and business continuity needs of the company are addressed and specific programs established, monitored and reviewed as necessary
- Serve as the enterprise coordinator for computer security incident response planning, execution and awareness. Create and administer specific business-wide IT security awareness plans and training.
- Establish collaborative working relationships with the businesses, functions and regions to ensure that IT risks are managed, and IT solutions align with enterprise security and privacy standards and business
- Provide security expertise in NIST and ISO 27001/2 controls and in PCI, HIPAA and FERPA compliance, and help create best-practice frameworks, policies and business impact analyses.
- Works closely with the IT and Compliance teams to ensure alignment of policies, procedures, training, and other tools related to IT Security.
- Must conduct self in an ethical, legal, professional and responsible manner at all times
- Must adhere to the policies, principles and guidance within the Employee Handbook and Code of Business Conduct
- Attends all mandatory meetings, trainings and assignments as delegated
- Performs other duties and responsibilities as assigned
Qualifications
Qualifications and Skills:
To perform the job successfully, an individual should demonstrate the following qualifications and skills:
- Ability to read and write bat, shell, and PowerShell
- Knowledge of and experience with state and federal information security laws, including but not limited to HIPAA, as well as NIST and PCI. A Microsoft network/security certification, SANS certification, or security product certification is a plus
- Knowledge of Windows Certificate Authority management and .1x
- Experience with encryption technologies, encryption at rest and in motion, effective hashing
- Working experience with operating system, application, network, and database security
- Working knowledge of proxies, multi-factor authentication, single sign-on technologies, log management solutions, and vulnerability management.
- Subject Matter Expert in 1 or more security tools operated by Reliant Rehabilitation
- Extremely organized and able to prioritize constantly changing demands
- Ability to multi-task and prioritize projects effectively
- Able to work with non-technical end users in an empathetic manner
- Able to communicate professionally within all levels of the company including senior leaders and executives
Education/Experience:
- Master’s degree in information security (or related field) with minimum 5 years’ experience or S in information security (or related field) with minimum of 8 years’ experience
- Demonstrated organization, facilitation, written and oral communication and presentation skills
- Demonstrated ability to translate complex technical procedures into plain English, easily followed by other members of the IT Group.
- Excellent documentation skills and attention to details
- Demonstrated ability to produce and deliver relevant and effective IT system solutions targeted to the desired solution.
- Demonstrated skills in collaboration, teamwork, and problem solving to achieve
- Must be able to work self-directed and under Some after-hour/weekend work will be required.
- Occasional travel to other Reliant locations and
- Comfortable working in a demanding fast-paced, customer-focused organization with start-up culture with evolving processes. Flexible and able to adapt to new situations as the business demands
- Demonstrated supervisory experience is desirable
Work Environment:
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in the work environment is usually moderate. The workplace is in a corporate environment and the temperature in the work environment is usually moderate.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. Must be able to walk, bend, stand, and reach constantly during a work day/shift and be able to participate in sustained activities for many hours in duration. Must be able to lift a minimum of 50 pounds at any given time to carry out the responsibilities of the position.
Must have visual, auditory, and speaking skills sufficient to evaluate, diagnose, communicate, and monitor patient needs, and to maintain accurate records, recognize people, and provide and understand written, verbal, and gestural communications.
Must have fine motor skills for legible and accurate writing and keystroking for charting, scheduling, daily correspondence, and reports; and for handling of diagnostic and therapeutic equipment.
This position requires patient lifting using appropriate biomechanical techniques frequently throughout the course of a work day/shift. Must be capable of lifting fifty (50) pounds of dead weight alone.