Desired Skills and Experience

  • Monitor information security risks related to the systems, networks and processes to ensure internal security controls are appropriate and operating as intended.
  • Review logs and reports from security systems. Identify abnormalities and report violations. Work with team members to resolve potential security issues.
  • Defend systems against unauthorized access, modification and/or destruction.
  • Configure and support security tools such as firewalls, anti-virus software, patch management systems.
  • Oversee and monitor routine security administration.
  • Perform risk assessments that evaluate the risk in the StayWell environment and report findings to management. Implement approved risk mitigation strategies.
  • Perform vulnerability testing and security assessments.
  • Assist with client and internal audit requests.
  • Coordinate and execute IT information security projects.
  • Coordinate response to information security incidents and provide post-incident analysis.
  • Create, manage and maintain user security awareness.
  • Research and recommend security upgrades.
  • Conduct security research to keep abreast of the latest security issues.
  • Participate in the disaster recovery program.
  • Perform other related duties as assigned.
  • Qualified and successful candidates will have at least 1-3 years of experience working extensively within information security.
  • Experience implementing and maintaining information security technologies, such as: IDS/IPS, malware prevention, end-point protection, multi-factor authentication, security information and event management (SIEM), web content filtering, encryption, network access control (NAC), data loss prevention (DLP), firewall administration and vulnerability scanners.
  • Knowledge of LANs, WANs, SANs, Microsoft Active Directory, Microsoft Windows server and desktop operating systems, Linux operating systems, Microsoft IIS, Microsoft SQL, and Oracle.
  • Experience with and involvement in Incident handling and incident response.
  • Experience with tools that perform vulnerability assessment and patching.
  • Expertise in technology platforms, tools and processes used in the healthcare environment required.
  • Expertise of enterprise architecture, IT Operations and Security required.
  • Experience with secure coding practices, ethical hacking and threat modeling
  • Experience with complex project management, personnel management, vendor management, budgeting and financial management required.
  • Experience in strategic planning and execution required.
  • Superior understanding of organizational goals and objectives required.
  • In-depth knowledge of applicable laws and regulations as they relate to IT and healthcare required, including HIPAA, NIST, GLBA, ISO 27001/27002, ITIL and COBIT frameworks.
  • Demonstrate the initiative to continuously stay apprised of emerging security threats and the general information security landscape.
  • Experience in performing log collection, correlation, and reviews of automated alerts for items such as, and not limited to: malware alerts, change detection alerts, and security system health alerts, exploit attempt alerts, etc.
  • In-depth understanding of a variety of network and application attacks; must be able to demonstrate a minimum level of familiarity with well-known vulnerabilities and exploits.
  • Excellent interpersonal, verbal, and written communication ability.
  • Excellent problem-solving ability.

Apply