Technical Director, Information Security
"Be a part of Matrix and have the power to make a difference every day"
Committed to Making a Difference
Our mission, vision and values statements represent our highest aspirations. Our core values live deep within the Matrix culture and embody our profound commitment to service, character and ethics.
- We create solutions to improve the quality and affordability of healthcare
- We capture and deliver reliable, real-time information that identifies and closes gaps in care and documents the state of member health.
- We strive to be an employer of choice for clinical and healthcare support professionals.
The Matrix Medical Network (MMN) Information Security (MMN-IS) group's objective is to protect MMN data resources from internal and external cyber-security related threats by implementing industry-accepted security practices throughout the organization including planning, implementation, management, and operations. Looking for enthusiastic, action-oriented team members who will thrive in our fast-paced and dynamic environment.
Will consider possible relocation assistance!
We are seeking a dynamic leader with healthcare background who's passion and drive is to lead, think out of the box, see the bigger picture, forge, grow and develop Matrix Medical Network Information Security systems, programs and practices. Be the leader to advance our technology and capabilities to a new level where we desire to be in the future! We are very excited to announce that we are currently in the process of migrating to the Cloud!
This role is responsible for leading a small IT Security Team in advancing the Information Security Program at Matrix Medical by providing security expertise and technical leadership. The Director advises and assists executives with data security, privacy, risk management, compliance, and training related to security matters. This leader should be able to identify potential risks, threats, and vulnerabilities present in the environment, and provide guidance in enabling proper security controls to mitigate them. The Director of IT Security will be a key member of the Information Technology group for driving information security practices and processes throughout the organization by managing security policies, standards, guidelines, and industry best practices.
Position requires a strong IT security leader who has experience working in healthcare industry, Incident Response and leading technical implementations of security controls.
Organizational contributions: This position is responsible for the strategic and technical leadership of the IT Security Team and oversight of the Security Program.
Interacts with the following teams: Business Operations, Legal and Compliance, Vendors, Auditors, and Information Technology.
Responsible for overseeing all aspects of the Information Security Program including, but not limited to:
- Technical Security Controls - Implement, configure, monitor, maintain, and drive advancements of security systems and technology
- Monitors internal control systems to ensure that appropriate information access levels and security clearances are maintained.
- Reviews all system-related information security plans throughout the organization's network and acts as a liaison to the Information Systems Department, Compliance Officer, General Counsel and Security and Privacy Committees.
- Security Monitoring – SIEM, IDS, other tools
- Security Testing including penetrating testing
- Secure Architecture / Configuration Management
- Incident Response
- Manages information security incident response.
- Vulnerability Management
- Risk Management - Identifies and escalate issues and provide solutions and action plans
- Conduct root cause analysis to identify and resolve complex problems impacting ISRM Infrastructure.
- Provide visibility into current risk assessment status through timely tracking, auditing, trending, and escalation of issues.
- Manage and follow-up on action plans in order to continually reduce overall information security risk.
- Compliance - Leads all information security compliance activities to assure compliance to required standards, procedures, guidelines and processes (HITRUST, HIPAA, etc.)
- Proactively oversees changes in legislation and accreditation standards that affect information security.
- Monitors compliance with the organization's security policies and procedures among employees, contractors, clients and other third parties and takes corrective action
- Security Awareness and Training
- Initiates, facilitates, and promotes activities to foster information security awareness within the organization.
- Develop and/or deliver technical training in complex technical areas.
- BCP / DR - Leads and coordinates the development of the organizations disaster recovery and business continuity plans for information systems, and tests readiness.
- Facilitate client security audits
- Other duties as assigned
Bachelor’s Degree required, preferably a technology degree in computer science, information systems or electrical engineering. Master's degree a plus.
Below are examples of certifications the ideal candidate may have:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA),
Offensive Security Certified Professional (OSCP)
Certified Incident Handler (GCIH)
Accredited CyberSecurity Education (ACE)
Offensive Security Certified professional (OSCP)
Skills and Abilities
- Seven (7) years' with information security and/or information risk management and/or information technology
- Hands on computer technical experience
- Strong Healthcare industry experience
- Five (5) years' developing, communicating, and presenting information security and risk management concepts to varying audiences
- Five (5) years hands-on incident response experience
- Five (5) years' with technologies such as Intrusion Prevention Systems (IPS), firewalls, endpoint protection, web/email filtering, Data Loss Prevention (DLP), digital rights management, encryption, Security Event
- Three (3) years' Leadership experience
- Experience with HITRUST and HIPAA compliance
Coaching Supervisory Responsibility: Yes
Travel Requirements: Occasional travel may be required.
Matrix Medical Network is Proud to be an Equal Opportunity Employer
For immediate consideration please contact Colleen Roth at email@example.com