Sorry, this job is no longer accepting applications. See below for more jobs that match what you’re looking for!

Director Of Information Security

Expired Job

Infosec Hires Nashville , TN 37201

Posted 3 months ago


Our client is a leading provider of workforce and provider solutions for the healthcare industry.They are seeking a Director of Information Security is the leader of the information security portfolio reporting to the AVP Technology and Security and is a key member of the senior management team for Technology.

The Director of Information Security has overall responsibility for designing and implementing security services throughout the enterprise which includes standards, compliance, security operations center (on site and vendor), vulnerability management, and incident response and security technology oversight.


In coordination with teams throughout the company, especially Engineering, MIS, PaaS and HR create and direct the strategic Information Security roadmap and program

Continue to grow and mature the Secure Software development lifecycle utilizing a DevOps approach to security.

  • Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
  • Ensure compliance with changing laws and regulations. Identify risks and actionable plans to protect the business
  • Maintain a current understanding the IT threat landscape for the industry
  • Constantly update the information security strategy to leverage new technology and threat information
  • Direct and approve the design of security systems and manage the implementation of security projects
  • Be the internal and external Subject Matter Expert for security. Create internal and external-facing documentation about our security policies and standards and respond to internal and external inquiries
  • In partnership with Product Management and Sr. Director of PaaS develop and implement, as part of Security Roadmap, a secure DevSecOps function for the organization.
  • Chair and maintain HealthStream committee format, attendees, and agenda meetings
  • Report Key Security Metrics to internal Audit Committee and participate as a member of the Technology Committee.


Knowledge/Education and
Experience Required:

  • Minimum of eight to ten years broad senior technical, operations, or applications experience
  • 3+ years of experience with Application Security & Application Penetration Testing
  • Strong understanding of the variety of application development architectures, platforms, methodologies, and supporting operations.
  • Familiarity or experience with integrating application security assuming technologies into CI/CD pipeline
  • Strong understanding of Security operations to include monitoring, vulnerability and patch management, threat modeling and incident response. Strong knowledge ofIdentity Management technologies and associated processes.
  • Knowledge and understanding of Cloud platforms such as AWS, Azure and Google Cloud. Ability to integrate security technologies across hybrid cloud environment.

Skills Required:

  • Analytical thinking and creative problem solving are key traits for this position.
  • Deep understanding of security technologies and how to deploy them properly ( IDS/IPS, Endpoint Protection, Secure configurations, Multi-Factor authentication, email security, SEIM, etc.
  • Deep understanding of OWASP and application security. Familiar with application tools and process such as BurpSuite, Acunetix, DAST, SAST, secure code reviews.

Abilities Required:

  • Manage key service providers to service levels and performance on delivered services.
  • Strong influencing skills to include negotiation, problem solving, and conflict resolution
  • Strong project management and people management skills.
  • Solid analytical skills and understanding of processes, technology and operational concepts.
  • Ability to multi task and shift with changing priorities and projects.
See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Information Security Business Analyst


Posted 3 weeks ago

VIEW JOBS 10/25/2018 12:00:00 AM 2019-01-23T00:00 WHY HCA? At its founding in 1968, Nashville-based HCA was one of the nation's first hospital companies. Today, one of the nation's leading providers of healthcare services, HCA is comprised of locally-managed facilities that include more than 250 hospitals and freestanding surgery centers in 20 states and the United Kingdom, employing approximately 230,000 people. Approximately four to five percent of all inpatient care delivered in the country today is provided by HCA facilities resulting in more than 26M patient encounters each year. HCA is committed to the care and improvement of human life and strives to deliver high quality, cost effective healthcare in the communities we serve. Building on the foundation provided by our Mission & Values, HCA puts patients first and works to constantly improve the care we provide by implementing measures that support our caregivers, help ensure patient safety and provide the highest possible quality. Additional Facts: * Ranked 63 in Fortune 500 * Competitive Fortune 100, industry matched salaries and yearly merit increase * Computerworld Top 50 Best Places to Work in IT since 2009 * Named one of the "World's Most Ethical Companies" since 2010 * 106 HCA hospitals are on The Joint Commission's list of top performers on key quality measures. JOB SUMMARY: You will be supporting our Information Protection and Security lines of business within HCA. You will leverage a robust set of tools and work independently on projects of moderate to medium complexity. You are responsible for analyzing the business, facilitating solution definition, and successfully integrating business processes, roles and technology to ensure business objectives are met. GENERAL RESPONSIBILITIES: * Command of Business Analysis core techniques: modeling, use cases/user stories, facilitation. * Drives business centric collaboration with stakeholders, business users, and technical solution providers to understand business needs. * Evaluate business processes and lead solution definition (workflow, technology, data, etc.) to support business goals and initiatives. * Facilitating the project team through identification of product options, objective screening of products to determine best fit, and quantitative analysis to support the selection of product(s) to pursue. * Facilitate the definition and analysis of business needs and requirements for new and/or enhanced products, services, or optimized business processes. * Drive solution identification and assessment, advocating for the business needs to ensure solutions achieve desired business results. * Coordinate and lead User Acceptance Testing, prioritizing gaps and negotiating between the business and technical solution providers to gain product acceptance. * Works collaboratively with stakeholders to identify project objectives, scope, dependencies and risks for projects. * Collaborates with peers to develop a customized business analysis approach, defining the business analysis tasks, resources, and estimated effort to complete a project. * Communicates the analysis approach and work with the project team to modify and ultimately gain approval for the analysis activities. * Manages changes to the solution requirements, assessing the impact of requirement changes, and ensuring appropriate approval of those changes. * Manages solution requirement communication, ensuring that stakeholders have a shared understanding of the requirements. * Works as liaison among stakeholders in order to elicit, analyze, communicate and validate requirements for changes to business processes, data, policies and information systems. * Quickly understands business problems and opportunities in the context of the requirements, analyze and present solution options. * Leverages and matures interview and facilitation techniques to elicit business needs and requirements. * Ability to articulate Business Analysis value to the business and IT&S, handle conflict with ease and determine and execute a right-sized approach to accomplish objectives. * Developing and maturing relationships with the business stakeholders across a business area. * Facilitating communications between IT and the business. * Mentors and trains others on the use and application of the tools and core techniques. * Contributes to development of tools, templates, methods. EXPERIENCE: 5 years of applicable work experience is needed for a successful candidate. OTHER/SPECIAL QUALIFICATIONS: * Experience on IT Security projects desired * Experience working both independently and in a team-oriented, collaborative environment. * Experience facilitating medium to large sessions with a wide range of stakeholders. * Self-motivated/independent/resourceful * Excellent communication skills, written and oral * Strong analytical & problem solving skills * Strong interpersonal skills * Effectively deals with ambiguity * Organizational skills to work with the vast array of information gathered during elicitation and analysis and to cope with rapidly changing information * Experience modeling business processes using industry recognized notations. We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status. HCA Nashville TN

Director Of Information Security

Expired Job

Infosec Hires