Numotion is helping thousands of people with individually configured, medically necessary mobility products and services. From manual and powered wheelchairs to disposable medical supplies that serve unique medical and functional needs, we are helping more people live more freely. We are the leading provider of this Complex Rehab Technology (CRT) in the United States.
Numotion is looking for a Director of IT Security to help fulfill our mission of improving the lives of people with disabilities by enabling them to actively participate in everyday life.
The Director of IT Security plays an integral part in the development, implementation, and compliance of technical security across the enterprise. They are responsible for developing the IT Security program and policies, managing risks related to information security, physical security, business continuity planning, crisis management, privacy, and compliance. In addition, the Director ensures all staff members are trained on enterprise and governmental security requirements through awareness programs.
Core Security Activities
Develops and implements security standards, processes and procedures, and guidelines for the enterprise
Audits and monitors security compliance, ensuring it meets industry and government rules and regulations
Ensures security compliance and meets all service-level agreement requirements
Establishes and runs Enterprise Cyber Risk Committee
Identify and characterize risks to the business
Prioritize projects to address risks
Articulate budget requirements to the business to address risks in a prioritized fashion
Reports security performance against established security metrics
Provide technical oversight and mentoring to staff
Track Cyber Security performance within the NIST framework
Together with CIO, represent IT on the PCRB and work to optimize the company's compliance and security positioning.
Core Compliance Activities
Point person to Numotion legal for all IT related compliance activities
Complete and/or coordinate all IT related activity for Risk Assessment, OCR audits, or other HIPAA-required IT activity
Creates and monitors IT related compliance training, communication, and education
Monitors and improves compliance with respect to Technology-related Administrative Safeguards, Technology-related Physical Safeguards, and Technology-related Technical Safeguards as outlined in HIPAA (hhs.gov/hipaa)
Disaster Recovery and Business Continuity
Together with the Environmental Health & Safety officer, and the Infrastructure Director, create a risk-appropriate Disaster Recovery and Business Continuity plan for the organization.
Identify key applications for DR/BC, including Recovery Point Objectives (RPO) and Recovery Time Objectives (RTO).
Team with EHS & Infrastructure to institute an appropriate environment that meets business RPO and RTO objectives.
Write and implement a formal DR/BC plan, establishing and meeting appropriate testing cadences for the business.
Understands the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments
Creates an information security awareness program to ensure staff members across the organization understand the trade-off between risk and return
Understands "voice of the customer" and develops mechanisms to proactively sense adoption and usage patterns of consumer technologies by end users so that policy can align with need
Coordinates with technology and business groups to assess, implement, and monitor IT-related security risks/hazards
Excellent verbal and written communication skills
Ability to react to high-pressure, dynamically changing environments
Ability to train others on security concepts
Strong problem solving and analytical skills
Professional experience in running the information security office analyzing and applying information security, risk management, and privacy practices
Extensive experience in strategic planning, budgeting, and allocation
Consulting and general industry experience
Experience in law enforcement and/or national security is highly relevant
Knowledge of national and international regulatory compliances and frameworks such as NIST, ISO, SOX, BASEL II, EU DPD, HIPAA, and PCI D
Working for Numotion, you will receive a competitive wage and benefits, including medical, dental and vision insurance, short- and long-term disability, a 401(k) plan and life insurance.
Numotion is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, protected veteran status or disability status.
Numotion is a drug-free workplace. Candidates are required to pass a drug test before beginning employment.
Job Location: Brentwood, Tennessee, United States
Position Type: Full-Time/Regular
United Seating & Mobility