Community Foundation of Northwest Indiana, Inc. • Information TechnologySchedule:
Full-time • Days • M-F 8-4:30 w/ On Call• 80Location:
Reporting to the Director of IT Technical Services, the Information Security Manager is responsible for protecting Community Healthcare System's computers, networks, and data against cyber security threats. This individual is responsible for overseeing the team which manages the information security infrastructure of the organization while also working closely with the Information Security Office (ISO) to develop security awareness program, best practices, and standards.
The Information Security Manager will create and execute strategies which will improve the security of the organization, perform audits and scans to ensure systems are secure or to identify vulnerabilities, respond immediately to security-related incidents, perform deep analysis and investigations when necessary, report on any findings, and identify areas for improvement. The Information Security Manager will work closely with other members of the IT department to instill awareness of cyber-security issues, training, and best practices.
The Information Security Manager will keep current on the latest security trends, make purchasing recommendations, and develop a team of highly skilled Information Security Engineers.
To Qualify You Must Have:
- Bachelor's Degree in Business, Computer Science or related field.
- 5 years of experience leading teams of technical resources in diverse disciplines is required.
- 5 years of experience in information security or related field
- Must possess a solid understanding of Information Technology, Information Security, and Risk Management.
- Knowledge of security and control frameworks, such as ISO 17799, COBIT, and NIST Cybersecurity Framework.
• Information Security certifications such as the Certified Information Systems Security Professional Certification (CISSP) or Certified Information Security Manager Certification (CISM) is required or must be obtained within 2 years of acceptance of position.
• Experience working with legal, audit and compliance staff.
• Familiar with applicable legal and regulatory requirements including but not limited to; Sarbanes-Oxley Act, Health Insurance Portability and Accountability Act (HIPAA), and Payment Cad Industry (PCI).
• Demonstrated project management, organization and facilitation skills.
• High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
• Extensive working knowledge of infrastructure security concepts including firewalls, DMZs, intrusion detection/prevention systems, network security, DLP, MFA, EDR, application security concepts, password management, RBAC, and access provisioning.
Certified Information Security Manager
Certified Information Systems Security Professional