SSUSA Job #953: IT SECURITY DIRECTOR
IT SECURITY DIRECTOR
One of our healthcare clients in the Central Florida area is seeking an IT Security Director. This person must have at least 9+ years of managerial/supervisory experience in information technology security and experience in the healthcare industry as well. This person will be responsible for developing, implementing, and monitoring a strategic and tactical, comprehensive cybersecurity and IT risk management program. Provide the leadership necessary to manage the risk to the organization and ensure business alignment, effective governance, system availability, integrity, and confidentiality.
Develop, coordinate, and manage security programs and plans to guide the Technology Security implementation and management. Define roadmaps for technology security and risk management.
· Provide the direction for data and cybersecurity protection, security awareness programs, security architecture, security incident response, and oversee Technology Security governance and policies. Develop and deploy information security policies.
· Provides risk guidance for IT projects, including evaluation and recommendation of technical controls.
· Coordinates the IT component of internal and external audits and federal and state examinations to ensure security programs comply with relevant laws, regulations, and policies.
· Evaluates new cybersecurity threats and IT trends and develop effective security controls. Routinely review and improve system level security to stay ahead of threats.
· Assess and evaluate threats, vulnerabilities, and other risk factors. Recommend and manage security audits/assessments (e.g., penetration test, HIPAA Risk Assessment, etc.) on a periodical basis and direct the deployment of security technologies and program enhancements.
· Conducts security investigations and evaluates potential security vulnerabilities and threats, security breaches, coordinates response and recommends corrective actions. Resolve disputes, complaints, lapses, and letups through strengthening the security systems.
· Provide security leadership, training, and guidance. Ensure security policies, procedures and protocols are being executed. Define and report on information security metrics.
· Develops and oversees effective disaster recovery policies and standards to align with company business continuity management program goals. Coordinates development of implementation plans and procedures to ensure business critical services are recovered in the event of disasters or other incidents and provide direction, support, and in-house consulting in these areas.
· Responsible for the acquisition, implementation, and ongoing maintenance of security infrastructure.
· Prepare financial forecasts and budgets for security operations. In the process, proactively identify and propose ways to reduce operating expenses both within and outside direct lines of reporting hierarchies.
· Interface with business stakeholders and other functional area leaders to define security support initiatives and solutions.
· Provide direction on which new technologies should be assimilated, integrated, and introduced by staying up to date on emerging technologies.
· Develop and successfully execute IT Security integration plans to support M&A activities.
· Ensure appropriate controls are in place to meet or exceed regulatory compliance and security requirements for HIPAA, SOX and PCI based on best practices, frameworks, and standards such as NIST, COBIT, ISO27001, and ITIL.
A diverse background of technology from hardware, software, and network infrastructure is required to research solutions, maintain supplier relationships, solve technical problems, and create business opportunities.
9+ years of proven supervisory/managerial experience in Technology Security with strong business acumen.
· Bachelor’s degree in Computer Sciences or Information Technology Security or related field. A master’s degree is preferred.
· Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certification.
· Knowledge of Information technology infrastructure library (ITIL) (certification preferred) with respect to security administration and information technology governance in a multi-platform environment.
· Experience in establishing cybersecurity and risk metrics for reporting.
· Working knowledge in cloud computing (Private, Hybrid, and Public clouds such as AWS and Azure) and virtualization.
· Working knowledge of infrastructure 'core services' including Active Directory, DNS, DHCP, SMTP, data encryption (transit and at rest), servers and network management, audit logs, data replication & backup, network security, account provision, MFA, etc.
· Effective influencing and negotiating skills when working with vendors
· Demonstrated ability to lead diverse teams within a complex and fast-paced environment
· Proven ability to work cross-functionally and collaboratively
· Ability to produce effective management project briefings to senior staff
· Ability to plan and manage budgets
· Ability to prepare and review infrastructure technical designs.
SEND YOUR RESUME TO CLIFF@SSUSA.COM
MENTION JOB 953 IN THE SUBJECT BOX
ONLY RESPOND IF YOU LIVE IN THE CENTRAL FLORIDA AREA!
Central Florida area