Information Systems Security Officer
Ref No.: 20-00241
Location: CA
Our client is currently recruiting for an Information Systems Security Analyst Officer who will be responsible for the ongoing management of information security, policies, procedures and technical systems in order to maintain the confidentiality, integrity and availability of all organizational healthcare information systems.

Be the leading edge in protecting the information of our members and employees. ISSO will be working directly with leadership across multiple functions to harden existing components of the information security program and develop new capabilities to make it more robust.

You will own and drive activities with minimal supervision and direct access to decision makers to maximize efficiency. ISSO will play an instrumental role in hardening the security architecture, policies, principles and standards by performing security control audits and vulnerability assessments and developing strategies and plans for remedial actions. ISSO will work to analyze threat data, develop strategies, and drive remediation. ISSO will also work closely with Compliance and IT to build out and support security management frameworks and regulations such as HITRUST and HIPAA (Health Insurance Portability and Accountability Act).

If you are passionate about protecting and securing applications, networks and services from being compromised and you are skilled at discovering unique threats, this position will provide you with a challenging opportunity.

Performs control and vulnerability assessments of existing applications and processes to identify control weaknesses and assess the effectiveness; recommends remedial action; works with owners to develop plans to address the remedial action recommendations.

Prioritizes and investigates threat and vulnerability management activities from Security programs, vulnerability scans, and penetration tests; collaborates with the internal group(s) to formulate plans and drive remediation.

Collaborates with IT department and business partners to ensure that security controls are implemented into the software development life cycle.

Formulates metric and audit strategies to monitor the governance of security controls.

Assists in the development of security architecture and security policies, principles and standards.

Assists in the coordination and execution of 3rd-party audits and assessments, e.g. HITRUST, penetration testing, Health Insurance Portability and Accountability Act, etc.

Assists in the coordination and completion of information security documentation.

Support new projects and implementation reviews for Security compliance.

Completes and supports security concerns/questionnaires received from clients.

Bachelor's degree
Security information and event management technologies and methodologies
Security operations and incident response technologies and methodologies
Working knowledge of vulnerability testing and risk assessments to identify system risks
Knowledge of Microsoft Windows and MAC OS, identity and access management systems, anti-malware solutions, and desktop security tools
Experience with common information security management frameworks, such as [International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST)] frameworks.
Audit, compliance or governance experience
Intrusion detection/prevention systems, Firewalls, IT network-based attack methodologies and tools
Good communication skills and the ability to work as a team member.
Healthcare (HMO) industry experience preferred
Program development and execution
Excellent documentation skills
HITRUST security framework experience will be preferred
Must be Certified information systems security (CISSP) professional
Any additional certifications in any of the following: Certified information systems security professional, Certified ethical hacker, Certified information systems auditor, or related certifications will be preferred

  • ISO2700x and the ITIL, COBIT and NIST frameworks: 4 years (Preferred)
  • Healthcare HMO Industry: 4 years (Preferred)
  • HITRUST security framework: 4 years (Preferred)

  • Bachelor's (Required)

  • Certified information systems security (CISSP) professional (Required)
  • Ethical hacker, information systems auditor (Required)

  • Health insurance
  • Dental insurance
  • Vision insurance
  • Retirement plan
  • Paid time off