Overview
Reporting to the Chief Technology Officer, the Information Security Manager is a member of the Information Technology leadership team and serves a key role in company leadership, working closely with senior leaders. Primarily responsible for aligning security initiatives with enterprise programs and business objectives, ensuring that information assets and technologies are adequately protected. Overall responsibilities may include involvement in the implementation of new security solutions, participation in the creation and maintenance of policies, standards, baselines, guidelines, and procedures and conducting vulnerability audits and assessments.
Qualifications
• High school diploma with proper certifications
• Health Information experience preferred.
• Extensive experience in TCP/IP networking, intrusion detection systems, firewalls, virtual private networks, access controls, encryption techniques, IT security solution deployment strategies and management, and vulnerability assessments, and other information security products
• Five (5) plus years of Information Technology experience with Information System technical and information security, Splunk, SCCM, Linux, Endpoint Management such as Cisco AMP, Full Disk Encryption software and Mobile Device Management, AAA strategies, Radius.
• Prior experience with Cisco Firewalls, Cisco IPS/IDS modules or related security products, as well vulnerability analysis, log analysis (SEIM)
• Hospital and healthcare environment experience supporting Information Technology
• Hands-on experience with Cisco and other top vendor network equipment.
• Hands-on experience with MS server, AD, Exchange, Mobile Devices and VMware host systems.
• Current Cisco Networking CCNA or CCNP Certification with solid design understanding switch design and best practices in that design for LAN and WAAN operations.
• Cisco Telephony including CUCM, CUC, Webex Control Hub, Expressway, UCCX.
• Experience in Devops and Netops Design, Development, Deployment, and Maintaining
• Knowledge in VMware Systems and ESXi
• Computer Language
Experience:
Java script, Python either as a standalone application or integrated with an application using APIs (Application Programing Interfaces).
• Splunk or similar tools experience desired.
• Good oral, presentation and written communication skills
• Thorough understanding of Information Technology Infrastructure Library (ITIL) or PMI approach to project management processes
• Familiarity with clinical applications requiring security review such as EHR/EMR, HL7, MU2, ICD
10, RIS, PACS, LIS, ICU, etc
• Knowledge of the Hospital industry’s best practice security goals, industry security goals, and The Brooklyn Hospital Center’s security goals, as established by its stated policies, procedures and guidelines.
• Solid understanding of IP, TCP/IP, and other network administration protocols
• Knowledge of HIPAA security rule, HITECH and other federal information security acts (FISMA, FIPS and NIST)
#J-18808-Ljbffr
