Job Specifications
Your opportunity
As an Information Security Engineer, you play a critical role in designing and implementing security mechanisms to protect Vytalize data and information systems. Responsibilities involve assessing risks, designing information system security architecture. Performing regular control assessments to identify control deficiencies and coordinating security risk assessments across the ecosystem, audits or information security program certifications. Conducting third party information security risk assessments. Working as a team to respond and manage information security events.
What You Will Do
Incident Response
Assist in the testing of the incident response plans to effectively address and mitigate security breaches or compliance violations.
Assist in the testing of the business continuity plans and disaster recovery plan to effectively sustain business process and to effectively restore the operability of a system, application, or infrastructure to effectively restore the operability of a system, application, or infrastructure during and after a cyber incident disruption.
Responding and resolving information security events and escalation.
Security Architecture Design
Evaluate and assess security technologies, tools, and solutions to determine their suitability and effectiveness in addressing the organization's security needs.
Design cloud security strategies, and implement controls to protect data, applications, and infrastructure hosted in the cloud.
In coordination with the information security team, design security architecture to protect an organization's entire IT infrastructure, including networks, systems, applications, and data that align with business objectives and compliance requirements.
Risk Assessment and Audits
Maintain and monitor the cyber security risk register with the risks, risk ratings, risk mitigation strategies and action plans.
Assist with data gathering and coordination with the various teams for audits and risk assessments.
Training and Awareness
Monitor the training campaigns to demonstrate the effectiveness of the training program and improve phishing detection and response.
Supplier Risk
Conduct vendor risk assessments to identify and document potential supplier cyber security risks, threats, and vulnerabilities for management approval.
Develop a process for third-party compliance requests monitoring and tracking and ensure timely completion
Compliance Oversight
Collaborate with internal and external audit teams, providing documentation and evidence as needed to demonstrate compliance and adherence to the information security policies.
Develop and maintain a cyber security framework continuous assessment process to provide assurances that the controls in place are operating effectively.
Vulnerability Management
Monitor remediation of the vulnerability assessment findings, including penetration test, Collaboration and Communication
Collaborating with cross-functional teams
Communicate security risks, issues, and recommendations to senior management and stakeholders.
What Will Make You Successful Here
Work experience in the healthcare information security field.
Previous Health Information Technology (HIT) experience implementing controls to meet federal security and privacy regulations.
3+ years of relevant work experience in IT security in a complex enterprise environment, preferred.
Demonstrated knowledge of information technology processes, risks, infrastructure, and information security.
Experience with incident response and vulnerability management.
Knowledge of Health Insurance Portability and Accountability Act (HIPAA), Health Information Technology for Economic and Clinical Health (HITECH), and Payment Card Industry Data Security Standards (PCI DSS).
Experience with information security assessments and audits.
Strong written and verbal communication skills
Effective collaboration with stakeholders across departments and affiliated organizations.
Ability to analyze information system security design and recommended configuration.
Detailed oriented.
Preferred expertise in security assessment methodologies.
Ability to work effectively in a complex enterprise environment.
Perks/Benefits
Competitive base compensation
Annual bonus potential
Health benefits effective on start date
Health & Wellness Program; up to $300 per quarter for your overall well-being available on start date
401K plan effective on the first of the month after your start date; 100% of up to 4% of your annual salary
Unlimited (or generous) paid "Vytal Time", and 5 paid sick days after your first 90 days
Company paid STD/LTD
Technology setup
Ability to help build a market leader in value-based healthcare at a rapidly growing organization
Please note at no time during our screening, interview, or selection process do we ask for additional personal information (beyond your resume) or account/financial information. We will also never ask for you to purchase anything; nor will
About the Company
Vytalize Health is a leading value-based care platform. It helps independent physicians and practices stay ahead in a rapidly changing healthcare system by strengthening relationships with their patients through data-driven, holistic, and personalized care. Vytalize provides an all-in-one solution, including value-based incentives, smart technology, and a virtual clinic that enables independent practices to succeed in value-based care arrangements. Vytalize's care delivery model transforms the healthcare experience for more ...
Know more