Information Security Officer (ISO)
Posted on Jun 22, 2022 by Request Technology - Robyn Honquest
Information Security Officer ISO
LOCATION: EAST CHICAGO, IN/MUNSTER, IN (Hybrid)
Looking for a candidate who will manage over cybersecurity engineering, infrastructure, access control, identity management, SOC, Intrusion detection prevention, Firewalls, networks, cloud computing. 10 direct reports and 10 consultants this person will manage and strategize
The Information Security Officer (ISO) monitors the organization's IT systems to look for threats to security and establishes protocols for identifying and neutralizing threats. The ISO will be an integral part of the Information Technology organization reporting directly to the CIO to help improve and communicate the maturity levels of information security, the state of cybersecurity and IT risk practices across the healthcare system.
- Leads the Information Security team that is responsible for development and implementation of the security architecture including all hardware, software, and professional services engagements to ensure the IT and network infrastructure is designed with best security practices in mind.
- Oversees the day-to-day activities of assigned staff including general functions of supervision, staffing, scheduling, orientation and training, continuing education, workflow assignments.
- Acts proactively to eliminate threat by ensuring that proper controls and technologies are in place, such as intrusion detection, prevention systems, Firewalls and other Security technologies.
- Owns and manages the Incident Response Plan and the DR plan to ensure the availability of computer resources across the organization to eliminate or minimize business disruption. Maintains incident response playbooks. Prepares and coordinates security incident response training exercises and participates in crisis response training.
- Knowledge of laws and regulations including but not limited to: Health Insurance Portability Accountability Act (HIPAA), Payment Card Industry Data Security Standard (PCI DSS), and Sarbanes-Oxley (SOX).
- Expert knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, SANS,
- Bachelor's degree
- Security certifications: CISSP, CISA, CISM and/or CRISC preferred or commitment to obtain within one year of hire.
- Minimum of 5-8 years of progressive experience in information security and privacy.
- 3-5 years supervisory/management experience required.
- Experience in the implementation and management of an organization's cybersecurity program.
- Experience with Cloud computing/Elastic computing across virtualized environments.
- Extensive experience developing Security Architecture technology frameworks.
- Experience with Mobile and remote device management tools.
- Extensive experience in implementing security technology stacks for Networks, Client Server environments, NG Firewalls, IPS systems, Identity management systems, and DATA security among others.
- Strong communication skills, writing skills and executive presence are critical component of this role.
- Experience in identifying and tracking cybersecurity metrics to identify key risk indicators and mitigation plan.