Mosaic
Information Security Manager
Mosaic, Omaha, Nebraska, US, 68197
Join our team at Mosaic as the Manager of Information Security. In this role you will play a critical part in protecting the company's sensitive data and systems, with a focus on compliance with the HIPAA Security Rule and the NIST Cybersecurity Framework (CSF). If you are a seasoned information security professional with a passion for healthcare and a commitment to excellence, we invite you to apply for this key leadership position.

Local Omaha Metro candidates are highly preferred.

Essential Job Functions:
Develop, implement, and maintain a comprehensive information security program aligned with the HIPAA Security Rule, NIST CSF, and industry best practices.
Conduct regular security assessments and risk analysis to identify vulnerabilities and mitigate potential threats specific to HIPAA compliance and NIST CSF controls.
Implement and manage security controls, such as firewalls, intrusion detection/prevention systems, and data encryption, ensuring compliance with HIPAA and NIST CSF requirements.
Develop and deliver security awareness training and education programs for employees, emphasizing HIPAA and NIST CSF best practices.
Respond to security incidents and breaches in a timely and effective manner, adhering to HIPAA incident response requirements.
Identify IT security program implications of new technologies or technology upgrades.
Ensure that cybersecurity requirements are integrated into the continuity planning for systems and/or the organization.
Stay up to date on the latest security threats, industry regulations, and NIST CSF updates, implementing preventative measures.
Collaborate with other departments, business units, and healthcare stakeholders to ensure security is integrated into all aspects of operations and HIPAA compliance.
Manage and maintain security budgets and resources, aligning them with HIPAA and NIST CSF requirements.
Communicate the value of IT security throughout all levels of the organization and stakeholders.
Prepare and present security reports to management, highlighting HIPAA compliance and NIST CSF adherence.

Education & Experience:
Bachelor's degree in Information Security, Computer Science, or related field (Master's degree preferred).
Minimum of 5 years of experience in information security, preferably in a healthcare setting.
Certified Information Systems Security Professional (CISSP) or equivalent certification.

Knowledge, Skills & Abilities:
Experience with cloud security technologies.
Experience with security governance, risk, and compliance (GRC) frameworks.
Programming experience (e.g., Python, Bash).
Ability to work independently and as part of a team.
Strong understanding of the HIPAA Security Rule, NIST CSF, and other relevant healthcare regulations.
Experience with security risk management, incident response, and vulnerability assessment tools.
Strong analytical, interpersonal, and communication skills.
Strong critical thinking, problem-solving, and troubleshooting skills.
Detail-oriented.
Ability to identify and mitigate network vulnerabilities.
Knowledge of firewalls, antivirus, and IDPS concepts.

Equal Opportunity Employer: Minorities/Women/Protected Veterans/Disabled