Company: Vighter Medical Group LLC
Title: IT Manager Security
Position Type: Temp to Perm
Reports to: Project Manager
Shift Type: Mon-Fri 8am-5pm, weekend requirements to be determined
Vighter is recruiting a contract security IT manager to perform their duties at MidMichigan Medical Center. The Manager of IT Security is a hands-on technical position that also oversees the operations of a team of staff supporting a risk-based cyber security function. This will include managing and retaining skilled IT security personnel, continuous improvement for strengthening security posture, and contributing toward setting and overseeing security-related policies. This role requires coordination and collaboration across the IT Department, Risk, Facility Security, Biomed, Audit, and Regulatory functions.
Contributes to the design and implementation of policies and procedures to ensure that healthcare industry information security standards are met. Directly manages all activities involving the support of information systems security. Helps facilitate the selection, evaluation, and implementation of information system security infrastructure and assists in strategic and operational planning. Assists with or directly manages key strategic projects as needed. This position is also a top-level technical resource for the organization's IT security application and technology stack and related services and is responsible for the enterprise-wide monitoring and management of security system architecture.
Responsibilities include: analyzing and recommending capital and operational budget, long-range planning and projects to meet IT security needs, hiring, mentoring and managing team members building and supporting IT security technologies, project management of the team's technical tasks, assisting with long- and short-term strategic and operational planning for security, reviewing staff job performance and assignment of responsibilities, serving as liaison to customers and providing technical problem-solving skills. Ensures appropriate resources are utilized in a prioritized and effective manner across project and operational support activities.
Promotes teamwork and communication between staff, management, clinicians and stakeholders while maintaining high standards and customer satisfaction. Work closely with staff, vendors and others to provide system security that meets the needs of the organization; assist in establishing policies, procedures and standards regarding IT security; ensure that critical business functions are protected from disruption due to system failure or unavailability; ensure that enterprise applications have appropriate protections in place; act as a top-level technical consultant to others in various areas of expertise.
- Lead the development, implementation, communication and compliance monitoring of policies and procedures relating to IT Security in conformance with MidMichigan standards.
- Partner with IT Analysts to develop and enforce application accessibility requirements, ensure application vulnerabilities are identified, and data remains secure.
- Partner with network team to manage firewalls, network access and ensure a secure environment for network infrastructure.
- Collaborate with Server team to ensure that all application delivery mechanisms, active directory, domain controllers, data centers and any hosting environments are secure, and access to systems and appliances is well regulated and consistently managed.
- Identify emerging risks involving data access control technologies, information systems security issues, safeguards and techniques.
- Perform security reviews and identify security gaps in security architecture. Provide recommendations for inclusion in the risk mitigation strategy.
- Leads troubleshooting and problem-solving efforts for a broad range of IT technical issues involving a number of IT-related disciplines. Consults with users, IT staff and others on system issues and capabilities and other areas within expertise.
- Adheres to Change Management standards.
- Participates in call rotation.
- Bachelor's degree in Information Technology, Business, Health Care or STEM-related field - Required
- Master's degree - Preferred
- CCNA or Net+ certification - Preferred
- A minimum of five (5) years of information security experience - Required
- A minimum of three (3) years of experience: managing information security in a regulated field (Healthcare, Energy, Government, etc.), supervising and providing technical guidance and coaching of a team of associates, guiding, mentoring or leading staff, writing and enforcing IT security policies and procedures, security incident management and/or breach mitigation, risk management, disaster recovery or business continuity planning - Required
- Expert level/deep knowledge of and extensive experience with the following are required: information assurance (IA) principles and organizational requirements that are relevant to confidentiality, integrity, availability, authentication, and non-repudiation, IT security principles and methods (e.g. firewalls, Demilitarized Zones, encryption), access control, data loss prevention software.
- Knowledge of: how data flows across the network (TCP/IP, OSI, etc.), secure configuration management techniques, HIPAA/HITECH, Payment Card Industry (PCI) data security standard, IT supply chain and third-party vendor security/risk management policies, requirements and procedures, operating systems such as Microsoft Windows, Linux, UNIX, MacOS X
- Must possess a high degree of initiative, mature judgement, and discretion
- Experience with penetration testing preferred
- Prior audit experience preferred
Physical Requirements/Working Environment
- Must be able to sit for more than 8 hours per day
- Must be willing to work overtime if necessary
- Must be able to use an elevator or walk up and down stairs
- Must be able to lift up to 40 pounds and carry up to 10 feet
- Must be able to routinely grasp or handle objects, use finger dexterity, bend elbows/knees and reach above and below shoulders
- Must be able to read and interpret handwritten and typewritten print
- Must be able to communicate by voice and detect sound by ear
- Must be able to pass a criminal background investigation
- Must be able to pass a urine drug screen
- General Liability, Professional Liability, and Medical Malpractice Insurance paid for by the company
- Full-time employees receive Health, Dental, Vision, Basic Life, Voluntary Life, Accidental Disability & Dismemberment, 4% retirement match 401K, Short-term and Long-term Disability, Critical Illness, and Accident Coverage.