Director, IT Security
Posted on: March 19, 2023
Director, IT Security at Somatus
The Director of Information Technology Security will be responsible for developing, implementing and monitoring a strategic, comprehensive enterprise cybersecurity and technology risk management program. He/she will provide the vision and leadership necessary to manage the risk to the organization and will ensure business alignment, effective governance, system and product availability, integrity and confidentiality.
Essential Duties and Responsibilities:
Provide the direction for Somatus' data and cybersecurity protection, and develop and maintain technology governance and policies.
Develop Somatus' security strategy, security awareness programs, security architecture, and security incident response plans.
Provide strategic risk guidance for technology projects, including evaluation and recommendation of technical controls.
Educate technology and Somatus leaders on appropriate security risk and mitigation strategies.
Collaborate with legal and compliance teams, as needed, and coordinate the technology component of both internal and external audits, including HITRUST CSF assessments, to ensure security programs are in compliance with relevant laws, regulations, standards and policies.
Lead investigations of any actual or potential information security violations and manage escalation of security events.
Develop, maintain and publish up-to-date security policies, standards and guidelines. Oversee training and dissemination of security policies and practices.
Work with system administrators and application developers to audit, monitor and validate their environment's security, including conducting gap analysis and other comprehensive internal assessments of existing systems to improve the security infrastructure and mitigate risks.
Evaluate new cybersecurity threats and technology trends and develop effective security controls.
Develop and oversee effective disaster recovery policies and standards to align with company business continuity management program goals. Coordinate development of implementation plans and procedures to ensure business critical services are recovered in the event of disasters or other incidents, and provide direction, support and in-house consulting in these areas.
Evaluate potential security breaches, coordinate response, and recommend corrective actions.
Supervise staff as assigned in the performance of the job duties.
Define and report on information security metrics.
Provide project management and leadership to staff and external resources in support of established goals and objectives, and problem resolution.
Provide oversight on the architecture and engineering of new security systems, including the evaluation of technical designs.
Maintain current knowledge of industry and regulatory trends.
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.
Required Education and Experience:
Bachelor's degree from an accredited institution, with degree preferred in Computer Science or Information Technology Systems Security or related field.
Minimum of five (5) years' experience in health care technology.
Five to seven (5-7) years' experience in an information security role.
Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) Certification is a plus.
Knowledge, Skills, and Abilities:
Knowledge of Information Technology Infrastructure Library (ITIL) (certification preferred) with respect to security administration and information technology governance in a multi-platform environment.
Ability to advise infrastructure and product engineering staff in securing their respective environments.
Knowledge of and experience with HITRUST CSF adoption and certification.
Skilled in establishing cybersecurity and risk metrics for reporting.
Demonstrated management skills, e.g., budget development and administration, policy development and implementation, personnel administration, staff training and development.
Ability to prioritize and manage competing demands for resources.
Effective oral and written communication skills.
Strong ability to convey security information to non-technical end-users in a manner that inspires adoption and adherence to all IT security policies and programs.
High level of personal integrity, as well as the ability to professionally handle confidential matters and show an appropriate level of judgement and maturity.
This job operates in a professional setting. While performing the duties of this job, the employee is regularly required to sit or stand for extended periods of time. Normal manual dexterity is required.
Normal speaking and hearing abilities to interact with others in an office environment, over telephone or other video conferencing platform.
The employee is occasionally required to stand; walk; and reach with hands and arms and continuously repeat the same hand, arm, or finger motion many times, as in typing.
Our priority is the health and safety of our members, colleagues, partners, and community. Proof of COVID-19 Vaccination is required for employment. If you are unable to be vaccinated for medical reasons or sincerely held religious beliefs, we will consider requests for reasonable accommodations consistent with our policy, and where we are able to provide such accommodations without undue hardship to the company pursuant to applicable law.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Somatus, Inc. provides equal employment opportunity to all individuals regardless of their race, color, creed, religion, gender, age, sexual orientation, national origin, disability, veteran status, or any other characteristic protected by state, federal, or local law. Further, the company takes affirmative action to ensure that applicants are employed, and employees are treated during employment without regard to any of these characteristics. Discrimination of any type will not be tolerated.