Commonwealth Care Alliance is a rapidly growing nonprofit organization providing integrated health care and social support services to people with complex medical needs. Our patients are seniors and persons with disabilities covered under Medicaid or both Medicaid and Medicare. Our innovative care model is nationally recognized for its effectiveness in improving health outcomes for these vulnerable populations.
Our unique care model is empowering for our employees as well as our members. Whether you are a clinical or administrative professional, all of us at Commonwealth Care Alliance receive the satisfaction of knowing our work truly makes a difference. We enjoy a company culture of passionate advocacy in a supportive work environment with opportunities for growth and learning, competitive salaries, and a generous and comprehensive benefit package. Position Summary
Under direction of the Director of Infrastructure, the IT Manager of Information Security is responsible for the technical oversight of the information security technology portfolio and assists in the delivery of the overall information security program. The IT Manager of Information Security Operations is a hands-on technologist. The IT Manager of Information Security Operations is a subject matter expert (SME) for all information security platforms and plays a lead role in developing the organization’s information security architecture as well as auditing information security policies and procedures and investigating information security events.
As a leader within the IT Infrastructure Team, the IT Manager of Information Security Operations takes a
central role in actively promoting a culture of information security throughout the IT organization.
The scope of this position spans the IT Technology group and requires a thorough understanding of all the IT systems the enterprise uses, and how those systems are secured. The IT Manager of Information Security Operations advises the Infrastructure Team on emerging vulnerabilities and newly introduced risks to enterprise systems, and takes a proactive approach in continually assessing the security of those systems throughout their lifecycle, providing recommendations for enhancing security and adapting to new threats and vulnerabilities. Key Responsibilities
Minimum Education, Knowledge, Skills & Abilities
- Excellent customer service skills to both the Business and IT as well as a sense of urgency when resolving issues.
- Provide technical leadership for all information security platforms.
- Serve as the final escalation point for technical issues related to information security platforms.
- Architect information security solutions.
- Oversee and directly participate in the administration of all information security technology platforms, ensuring that technologies are optimally configured and maintained to provide maximum uptime and protection to the organizations’ information systems.
- Take the lead role in responding to and containing information security related incidents.
- Take a lead role in developing and managing information security programs, including, but not limited to; information security awareness, vulnerability management, vendor risk management and risk management.
- Play a primary role in the selection of new information security technologies.
- Conduct regular technical risk assessments/audits of systems and infrastructure.
- Oversee and directly participate in the installation, configuration, and monitoring of new information security technologies.
- Actively participate in the maintenance and development of the Information Security Management System.
- Engage proactively in risk management activities.
- Assist in the development and knowledge transfer to Infrastructure team members, as well as other IT or enterprise groups.
- Promote a culture of information security across all business units.
- Understand the role of systems and technology within the organization and the value they deliver to the business.
Commonwealth Care Alliance is an equal opportunity employer. Applicants are considered for positions without regard to veteran status, uniformed service member status, race, color, religion, sex, national origin, age, physical or mental disability, genetic information or any other category protected by applicable federal, state or local laws.
- Bachelor's Degree or equivalent experience.
- 10+ years of full time experience leading and managing information security professionals in a Health Care environment.
- 10+ years of full time experience in dedicated, technical information security roles.
- 5-7 years of full time experience in information technology in an area such as; networking, desktop engineering, programming or systems administration.
- Strong knowledge of information security principles and practices.
- Experience with incident response and analysis, preferably in a leadership role.
- Strong knowledge in the use of information security and networking tools such as; Nmap, Wireshark, Nessus and Kali Linux.
- Experience performing packet analysis.
- Strong knowledge of IDS/IPS, firewalls, proxies and other network security technologies.
- Strong knowledge of host-based information security technologies.
- Strong knowledge of Incident Analysis and Response concepts and techniques.
- Strong knowledge of security implications involving a variety of technologies including but not limited to; Microsoft, Cisco, Unix/Linux, EMC, and other market leaders in technology solutions, including mobile devices.