| InfoSec Security Leader || CA Hybrid || USC or GC only at Remote, Remote, USA |
| Email: [email protected] |
| From: Sumit Kumar Munda, Vyze [email protected] Reply to: [email protected] Job Description - This is NOT an ENIGNEER or ANALYST Role Please share linkedin profile with submission Title: InfoSec Security Leader Location: Hybrid need to be in Sacramento, CA or Roseville, CA area and go onsite occasionally Visa - USC or Green Card only Duration: 12+ months to start Start: ASAP As the Senior Information Security Leader you will be accountable for all security-related compliance and delivery for the customers assigned. In a typical engagement, you operate as a trusted advisor and security partner in the organization, working with senior management and focusing specifically on health care industry regulated security requirements and environments in relation to client business objectives. The Senior ISL helps interpret and explain operational issues and plans next steps from an information security viewpoint. This requires the ability to interact and influence at an executive management level within client organizations such as C-level IT leadership and IT Security leads. You will be able to demonstrate industry expertise and your working knowledge of security governance and compliance. Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the National Institute of Standards and Technology (NIST) 800-53 framework are the standard security frameworks that the Senior ISL will be reviewing, maintaining, and helping to assess on each designated account or health care product within client and its partners. Responsibilities: Compliance, operationally focused and security driven Lead Security operational governance activities Ensuring delivery excellence in security tooling and business operations (Ensuring avoidance of non-performance / non-compliance leading to contractual penalties). Relationship management with client suppliers and the client. Create and maintain an account security plan for the selected account(s) and Products Manage and report security incidents from start to finish Manage audit preparation, facilitation and remediation Manage security risks and exceptions Ensure knowledge and implementation of security fundamentals, policies, and standards (regulatory and contractual) Escalate and resolve security issues Coordinate delivery of security metrics and reporting in support of contractual commitment Preferred skills Experience in IT outsourcing business or 5+ years in industry vertical CISSP certification, CISM/CISA or CRISC a plus Experience: At least 10 years experience working in a risk management, audit, security, or technical delivery role Bachelor or masters degree in Computer Science, Computer Studies, Information Security (or equivalent combination of education and experience) Experience with and understanding of the security and auditing regulations Experience with audit and compliance programs, including leading audits and remediation efforts Experience with HIPAA, NIST, and FedRAMP Excellent and effective communication skills Ability to work effectively in diverse, multi-national and virtual environments Self-motivated and tenacious Demonstrate sound judgment and integrity Ability to influence delivery personnel in the execution of security and compliance requirements Experience as a Security consultant, architect and/or engineer Experience in working with security management including information governance and compliance Deep understanding and working knowledge of information security industry best practices with hands on experience Experience of security processes and standards, in particular NIST 800-53 and/or ISO27001 Knowledge of security audit and accreditation processes Ability to adapt to new security regimes. CALIFORNIA ONLY: SIMM and SAM working compliance experience **Previous work with or within California Department of Health Services and/or Welfare program is a plus The following experience is highly desired: Experience of working with NIST 800-53/ISO27001 auditors and of the audit process Experience of work as a security consultant Experience of presenting at C-level client meetings Experience of translating contractual security requirements to deliverables. Keywords: cprogramm information technology golang California InfoSec Security Leader || CA Hybrid || USC or GC only [email protected] |
| [email protected] View all |
| Thu Oct 10 03:46:00 UTC 2024 |