Manager Information Security And Compliance

Misolutions Consulting Fresno , CA 93721

Posted 2 weeks ago

We are looking for a highly motivated Information Security Manager to lead our team in governance, security monitoring, risk management, forensics and incident response.

Reports to the VP, Chief Information Security Officer. This position develops and performs information technology risk and security assessments to ensure the protection of Community Medical Centers (CMC) technology assets and compliance with applicable laws and industry regulations. This position also provides proactive operational responsibility for information security incident prevention, detection, and remediation. The Information Security Manager is responsible for the supervision of the security staff including selection, training, coaching, mentoring, evaluation and compensation as well as the efficient, effective operation of the Information Security department in accordance with established policies and procedures and CMC strategic goals and mission.

  • Manages and coordinates response teams during security incidents (phishing, DDOS, malware, etc) through resolution and to lessons learned stage
  • Develops tactical response procedures for security incidents
  • Reviews alerts and data from systems and responds accordingly, including documentation and escalation
  • Recommends and implements mitigating actions to contain incident related activity
  • Mentors junior staff to advance their skills and knowledge to promote professional growth
  • Participates in product selection, vendor evaluations, and implementations of security technologies.
  • Recommends security enhancements to management
  • Assists in the design, implementation, and maintenance of security plan, policies, procedures, and standards.
  • Perform controls testing, document results, and provide detailed updates to leadership.
  • Design and develop information security training with HR to be utilized for on-boarding and annual training.
  • Stay up to date on information security, trends and potential impacts to the business.
Minimum Required: Bachelor’s degree in Computer Science, Management Information Systems, Management Information Systems Security or related field. Five years’ experience managing and/or directing an IT security operations area and/or security monitoring or auditing and compliance experience with at least five years of which were in the healthcare industry or a healthcare setting.
icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Officer

Central Valley Community Bancorp

Posted 2 weeks ago

VIEW JOBS 8/3/2019 12:00:00 AM 2019-11-01T00:00 STATUS: Exempt, regular full-time Purpose: Identify, develop, implement and manage the Bank's corporate information security program and related programs and initiatives to include business continuity; crisis management; information security; cyber-security preparedness; information security awareness training and communication; and customer education in security matters. Assist in the planning and implementation of the company IT system, business operations, and facility defenses against security breaches and vulnerability issues. Essential Duties & Responsibilities: With or without reasonable accommodation must be able to perform all essential job functions as described below. * Establish and maintain the Bank's Information Security Program, policies and procedures to be in compliance with Federal and state laws and guidance. Collaborate with the training and compliance departments in the development and/or selection of appropriate security training programs to reinforce the Program. Recommend and review access security requirements, access levels, and other appropriate controls and restrictions for all critical applications, networks and servers. * Develop, implement and oversee regulatory governance strategies related to information security and information technology. Participate in regulatory exams where business continuity, information security and other important areas are scrutinized. Monitor emerging trends in all areas to ensure evolving threats are mitigated and compliance accomplished for new and existing Federal and other legislation and regulatory directives. * Research, develop, implement, test and review the Bank's information security processes and controls. Oversee vulnerability scanning processes on the Bank's network and in-house systems. Maintain and update the FFIEC Cybersecurity Assessment Tool at least annually. Implement and evaluate appropriate risk mitigation procedures. * Coordinate and manage the design, implementation, maintenance and training of the Bank's disaster recovery and business continuity plans, procedures, audits and enhancements. Coordinate annual "table top" exercises for the BCP and periodic review of third-party technology vendor testing programs. Ensure that an adequate Incident Response Plan that includes cyber events, is maintained. * Establish and maintain the Bank's Information Security and Technology Risk Assessments. Ensure these are updated as new products and services are implemented, new threats are detected, and as regulatory requirements are changed. Evaluate new technology prior to purchase or implementation by performing a risk assessment on the technology. Perform, evaluate and monitor the Information Security Risk Analysis for key technology vendors. Review and approve company-wide SOC 1/2 reports and monitor ongoing performance. * Prepare and present periodic system and data security analysis reports to senior management and the Board. * Ensure that critical security parameter settings on devices such as routers, firewalls and network servers are validated periodically. Establish and monitor the process to identify, track and report on security patch management. * Monitor trends and regulatory requirements relating to information security with special emphasis on cyber-security. Initiate and promote training and communication programs that foster comprehensive security awareness throughout the organization related to electronic and cyber security risks and mitigation measures. * Research and maintain awareness of the latest cyber threats and mitigation measures, including malware, ransomware, attack vectors, trends and threat intelligence. * Participate in compliance, audit and IT steering committee meetings when possible and appropriate to ensure information security is considered in all aspects of the business. Knowledge, Skills and Abilities: * Comprehensive knowledge of information technology risks * General knowledge of IT road-map strategies * Comprehensive knowledge of information technology systems and communication infrastructure * Basic knowledge of cyber risks and mitigation protocols * Strong project management skills * Knowledge of information security administration practices * Knowledge of security breach response requirements and protocols * Ability to identify, evaluate and recommend appropriate solutions to mitigate cyber-security risks * Knowledge of and ability to apply all applicable information security laws and regulations * Ability to effectively manage multiple priorities and projects * Ability to quickly identify, evaluate and respond to data security breaches and threats * Professional speaking, presentation and meeting facilitation skills * Strong business and technical writing skills * Strong organizational and recordkeeping skills * Strong personal computer proficiency, including Windows and Microsoft Office Suite products * Ability to perform essential job functions independent of daily supervision Experience and/or Education: * Seven years of experience in an information technology department, with two years (recent) in a supervisory capacity. * Three years of direct experience at a Federally regulated commercial bank, preferred. * Bachelor's degree in computer science/engineering or information systems, preferred. * Information security certification, preferred. * Membership in information/cyber security networks or associations, preferred. Travel/Physical Demands: * Travel between bank offices and client/community business location. Central Valley Community Bancorp Fresno CA

Manager Information Security And Compliance

Misolutions Consulting