Sorry, this job is no longer accepting applications.
See below for more jobs that match what you’re looking for!
Director Of Information Security
Nashville , TN 37201
Posted 3 months ago
This Job is not relevant Tell us why
Our client is a leading provider of workforce and provider solutions for the healthcare industry.They are seeking a Director of Information Security is the leader of the information security portfolio reporting to the AVP Technology and Security and is a key member of the senior management team for Technology.
The Director of Information Security has overall responsibility for designing and implementing security services throughout the enterprise which includes standards, compliance, security operations center (on site and vendor), vulnerability management, and incident response and security technology oversight.
ESSENTIAL DUTIES OR RESPONSIBILITIES
In coordination with teams throughout the company, especially Engineering, MIS, PaaS and HR create and direct the strategic Information Security roadmap and program
Continue to grow and mature the Secure Software development lifecycle utilizing a DevOps approach to security.
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
- Ensure compliance with changing laws and regulations. Identify risks and actionable plans to protect the business
- Maintain a current understanding the IT threat landscape for the industry
- Constantly update the information security strategy to leverage new technology and threat information
- Direct and approve the design of security systems and manage the implementation of security projects
- Be the internal and external Subject Matter Expert for security. Create internal and external-facing documentation about our security policies and standards and respond to internal and external inquiries
- In partnership with Product Management and Sr. Director of PaaS develop and implement, as part of Security Roadmap, a secure DevSecOps function for the organization.
- Chair and maintain HealthStream committee format, attendees, and agenda meetings
- Report Key Security Metrics to internal Audit Committee and participate as a member of the Technology Committee.
- Minimum of eight to ten years broad senior technical, operations, or applications experience
- 3+ years of experience with Application Security & Application Penetration Testing
- Strong understanding of the variety of application development architectures, platforms, methodologies, and supporting operations.
- Familiarity or experience with integrating application security assuming technologies into CI/CD pipeline
- Strong understanding of Security operations to include monitoring, vulnerability and patch management, threat modeling and incident response. Strong knowledge ofIdentity Management technologies and associated processes.
- Knowledge and understanding of Cloud platforms such as AWS, Azure and Google Cloud. Ability to integrate security technologies across hybrid cloud environment.
- Analytical thinking and creative problem solving are key traits for this position.
- Deep understanding of security technologies and how to deploy them properly ( IDS/IPS, Endpoint Protection, Secure configurations, Multi-Factor authentication, email security, SEIM, etc.
- Deep understanding of OWASP and application security. Familiar with application tools and process such as BurpSuite, Acunetix, DAST, SAST, secure code reviews.
- Manage key service providers to service levels and performance on delivered services.
- Strong influencing skills to include negotiation, problem solving, and conflict resolution
- Strong project management and people management skills.
- Solid analytical skills and understanding of processes, technology and operational concepts.
- Ability to multi task and shift with changing priorities and projects.