Information Security Specialist

Melville, NY

Posted: 02/22/19 Category: Healthcare IT Job Number: 6726

Position:  Information Security Specialist
Location: Melville, NY
Full Time

Job Description
  • Reviews and documents security risk and controls surrounding enterprise information technologies, applications and services.
  • Maintains policies, standards and procedures to align with information security frameworks and enterprise strategies.
  • Supports the information security awareness and training program.
  • Responsibilities:
    • Perform application security reviews, vendor/business associate assessments, threat modeling and vulnerability analysis based on the NIST/HITRUST framework.
    • Oversee corrective action plan development, establish remediation priorities, and track status.
    • Provide information security subject matter expertise to developers, engineers, and workforce members on information security risk assessments, vulnerability remediation and threat detection techniques.
    • Maintain Information Security policies, standards and guidelines.
    • Develop and maintain security awareness and training materials to reinforce required security controls and address gaps noted in assessments.
    • Write technical reports based on security review findings and recommendations. Reviews and validates that network infrastructure and endpoint device configurations comply with the latest industry standards and framework (i.e. HITRUST, NIST, HIPAA and PCI-DSS).
    • Performs other duties, as required.
  • Qualifications
    • High School Diploma or equivalent, required and minimum of eight (8) years progressively responsible information technology risk management or security experience, required OR Bachelor’ s Degree in Information Security or Audit or related field, required AND Minimum of five (5) years progressively responsible information security assessment or audit experience, required.
  • Thorough knowledge and understanding of current information risk assessment techniques, required.
  • Working knowledge of IT standards, federal and state compliance regulations, and security frameworks including HIPAA, HITRUST, NIST, ISO27001, and PCI-DSS, required.
  • In-depth technical knowledge of Information Security principles and processes and experience writing/maintaining information security policies, standards and guidelines, required.
  • Attention to detail, excellent writing, documentation, communication, presentation, customer service and interpersonal skills, and the ability to work with all levels of management, required.
  • Healthcare environment, preferred.
  • Certified in at least one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Security+, Global Information Assurance Certification (GIAC) or related certification, preferred.

Nathaniel White
Technical Recruiter

Contact Nathaniel today to learn more about this great opportunity.

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.