This site uses cookies. To find out more, see our Cookies Policy

Senior Information Security Engineer (CW6) in Dublin, OH at Fast Switch

Date Posted: 3/9/2019

Job Snapshot

Job Description

Job ID: 50700

Senior Information Security Engineer. This contract role in Columbus, Ohio is for a Senior Information Security Engineer within the client's software development center. The position reports directly to the Security Officer and will be responsible for day to day activities in implementing the corporate information security and compliance program. The individual will also assist in maintaining security and compliance initiatives to ensure that corporate policies, standards, procedures, and audit activities are in alignment with business, IT, and regulatory requirements. Success in the role will be measured by the effectiveness of the implementation of information security and compliance directives.

Position Details / Responsibilities:

The overall purpose of this role is to drive both information security and compliance initiatives. The individual will perform internal and external security compliance monitoring activities, managing client audits, IT control audits, and security risk assessments. This role will assist in the management of key compliances such as NIST, HIPAA, SOC 2, FedRAMP, PCI, ISO27001, HITRUST, and internal policies and standards.

Job Responsibilities Include:

  • Develop and maintain a comprehensive set of policies, standards, processes, and procedures to achieve SSAE 16 SOC2 audit
  • Maintain governance program that ensures that the security policies, standards and process are being adhered to by the business
  • Ensure healthcare information security best practices and HIPAA compliance utilizing HITRUST CSF
  • Serve as liaison to corporate security team to ensure knowledge share and adherence to best practices
  • Work with the engineering and operations teams to ensure that the infrastructure design meets industry security requirements
  • Monitor security trends and drive security best practices throughout the organization
  • Evaluating, designing, testing, and recommending new or improved controls to keep client current with industry standards and compliance requirements.
  • Work with third party firms and consultants to conduct independent security audits, vulnerability scans, and penetration tests
  • Work together with the business to provide an interface to client information security audits
  • Collaborate with legal, sales and other teams providing security guidance
  • Conduct risk analysis and advise senior management on appropriate remediation
  • Investigate, drive resolution, and document security incidents
  • Develop processes and training to ensure ePHI data security requirements are understood
     

Qualifications:

  • Bachelors Degree in related field, or equivalent work experience leading cybersecurity or information security initiatives
  • Have 5+ years’ information security related work experience, preferably within the healthcare industry
  • Professional certification in the information security space (e.g. CISM, CISSP, CISA, GIAC) or other security certification at a similar level.
  • Familiarity with security frameworks associated with COBIT, COSO, HIPAA/HITECH, ISO, ITIL, NIST, PCI DSS, SOC and SOX
  • Involvement or knowledge of several aspects related to a SSAE 16 SOC 2 Audit
  • Effective fundamental understanding across multiple Information Security Domains
  • Aware of common security vulnerabilities like OWASP Top 10 and Ransomware with the ability to communicate successfully to the business the remediation
  • Experience with understanding HIPAA/HITECH regulations and guidelines for securing ePHI data
  • Experience advising and mentoring diverse teams where you do not have direct authority
  • Strong written and verbal communication skills
  • Strong problem solving and organizational skills
  • Ability to conduct up to 25% travel

To view all our open positions, please go to: http://www.jobs.net/jobs/fastswitch/en-us/all-jobs/