My client is looking for an Information System Security Manager. They will be responsible for the development and administration of ITS policy and corporate guidance for information and physical security strategies. They will work to maintain and improve the current posture and plans for continued growth and integrity of their security policies and procedures. The areas of primary responsibility include PC/server/network security, database security, application security, systems security administration and user access security administration.
location: Harrisburg, Pennsylvania
job type: Contract
work hours: 8am to 5pm
education: No Degree Required
responsibilities: Accountabilities / Essential Functions
- Responsible for developing, implementing, communicating, maintaining, and supporting IT Security technologies, programs, policies and strategies to protect information and technology assets.
- Establishes and monitors adherence to sound IT security controls, policies and procedures. Develops plans to maintain IT service continuity in the event of emergencies or disasters.
- Collaborates with ISSO to ensure accurate and tested Policies and Procedures are implemented.
- Ensure that all IT systems and services are compliant with all applicable industry regulations (i.e. HIPAA, ISO, DIACAP, URAC, FISMA).
- Collaborates with ISSO to ensure regulatory compliance
- Other duties as assigned
The list of accountabilities is not intended to be all-inclusive and may be expanded to include other education- and experience-related duties that management may deem necessary from time to time.
Qualifications
- Required: Bachelor's degree from an accredited college or university in Information Management, Computer Science, Mathematics, or a related field, or equivalent years of experience.
- ITIL, CISSP certification highly desirable
- Work requires a minimum of five years of progressive security experience in a healthcare Information Technology environment
skills: Skills, Knowledge, Abilities (SKA)
- Position requires a broad-based understanding of the business and its information security needs and risks; demonstrated skills in managing secure IT services.
- Firewalls, intrusion detection systems, anti-virus software, data and device encryption and other industry-standard techniques and practices
- In-depth technical knowledge of network, PC, and platform operating systems
- Applicable regulatory security requirements (NIST, FISMA, and/or DIACAP) essential
- Working technical knowledge of systems software, protocols, and standards.
- Strong knowledge of TCP/IP and network administration/protocols.
- Hands-on experience with devices such as hubs, switches, and routers.
- Strong knowledge of network packet analysis tools (e.g., Wireshark).
- Forensics experience, tools, and processes.
- Incident response and reporting.
- Intuition and keen instincts to pre-empt attacks.
- High level of analytical and problem-solving abilities.
- Ability to conduct research into security issues and products as required.
- Strong understanding of the organization's goals and objectives.
- Strong interpersonal and oral communication skills.
- Highly self-motivated and directed.
- Strong organizational skills.
- Excellent attention to detail.
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Able to work in a team-oriented, collaborative environment.
- Maintain strict confidentiality of highly-sensitive corporate information
- Demonstrates ability to exercise independent judgment and strong decision making skills.
Equal Opportunity Employer: Race, Color, Religion, Sex, Sexual Orientation, Gender Identity, National Origin, Age, Genetic Information, Disability, Protected Veteran Status, or any other legally protected group status.