Information Security Manager-Enterprise Information Security - S

Description: Job Description for Information Security Manager Location Options: Cedar Rapids, IA Dallas, TX St. Petersburg, FL Responsibilities: Ensuring that security strategies are aligned with business requirements Implementing, reviewing and monitoring of HIPAA security requirements and controls into the business operations Ensure that security incidents/events are identified/reported/managed as per organizational and regulatory requirements (HIPAA/PCI) Collaborate and carry out risk assessment of operational work, business continuity Carry out ongoing security awareness related to ISMS and HIPAA requirements Supporting implementation and manage SOC1/SOC2 audits from security aspects Carryout internal audits Requirements: Process Knowledge Information Security Audit Planning, Execution, Audit Documentation and Reporting IT Risk assessment and review of IT General Controls ISO 27001 standards based Information security management system (ISMS) build and implementation Information Security Policies, Procedures and Standards design/review Compliance Audits (SOX.ISO27001, SSAE 18, SOC1/SOC2) Exposure to Best Practices such as ITIL, COBIT , PCIDSS and COSO framework Responding to RFPs on security requirements in contract Information security risk assessment, treatment and management aspects Ability to handle security incidents and investigations. Regulatory framework In-depth knowledge of HIPAA security and other regulatory requirements and implementation Technology Knowledge Network security and OS Level Auditing Skills Vulnerability Assessment and Penetration Testing knowledge Secure Architecture Design and Implementation. Implementation/auditing of IAM, Firewalls, IDS, IPS, VPN, Authentication mechanisms, assessment tools, etc Enterprise Architecture Business / IT alignment Cloud Computing, Skills Project Management Skills Has to be a versatile Team player Aptitude to learn new technologies Constant learning Excellent Communication Skills Auditing skills Certifications preferred - one or multiple: CISA, CISSP, CISM, ISO 27001:2013 Lead Auditor/implementer