Director of Security Compliance - TN

IT Security
Ref: 270 Date Posted: Wednesday 13 Jun 2018
LinkedIn ShareShare
More

Elevation Search Solutions is actively seeking a Director of Security Compliance in the Chattanooga Market. Our client is a rapidly growing healthcare IT company focused on delivering a world class communication platform to health care clients across the nation!

What we are looking for:

You should be an expert in all things related to security and will be responsible for the information security policy development and maintenance; design of security policy education, training, and awareness activities; monitoring compliance. This position is full-time and provides competitive salary and benefits. The Director of Security Compliance is a newly created position that will work with internal stakeholders, as well as other stakeholders, to document and implement compliance controls for technical, management, and operational Federal requirements. This person will report into the CTO.
 

What you will be doing:

  • Validate security policies and regulatory requirements are met across the business, ensuring protection from domestic or international security threats.
  • Evaluate security controls to ensure effectiveness and compliance with the information security program and regulatory requirements.
  • Manage security control remediation efforts and supports internal and external information security related audits.
  • Collect and document technical architecture, operational processes and security policies from internal engineering teams.
  • Develop Vendor Security Questionnaires and maintain annual distribution.
  • Evaluates security controls to ensure effectiveness and compliance with the information security program and regulatory requirements.
  • Audit/collect security control implementation audit logs, penetration testing results, and vulnerability scan results.
  • Work with control owners and operators to ensure quality, consistency and operability of new and existing controls.
  • Work with control owners and operators to ensure quality, consistency and operability of new and existing controls.
  • Support the review of IT tools, control designs, and control remediation planning efforts.
  • Manage multiple concurrent projects with quality and in accordance with a documented schedule that meets or exceeds customer expectations.
  • Produce detailed timelines for each assigned project and implement effective project controls by monitoring progress and reporting status.
  • Review test findings, facilitate the remediation of control gaps, and escalate possible critical issues to senior management within IT.
  • Foster an innovative and inclusive team-oriented environment. Play an active role in seeking development opportunities and be a vocal member of growth strategy.

What you need to have:

  • Experience in writing Technical documentation and solid knowledge of Cloud and Security concepts. Pro-active, strategic approach to problem solving and controls execution.
  • Knowledge of current technological trends and developments in the area HIPPA, HITRUST and auditing standards.
  • Bachelor’s Degree in Information Security, Computer Science, Information Systems or other related field.
  • 5+ years combined I/T and security related work experience, preferably in healthcare.
  • CISSP or other security certifications would be beneficial.
  • Healthcare industry experience preferred.
  • Proven experience on establishing relationships and client engagement.
  • Explain technical concepts using non-technical language.
  • Preferred candidates will possess good analytical, technical, problem-solving, and exceptional organizational skills.
  • Ability to work in a high growth/fast past startup environment.