Job Objectives: Works with Senior Management Team (Chief Legal Counsel, Chief Compliance Officer, VP of Information Security, Chief Technology Officer, SVP of Technology) to implement and maintain the corporate policies, procedures, software and technologies necessary to secure the CareCore National corporate network and ensure compliance with HIPAA regulations. Implement, maintain, and audit IT security policies and related procedures.
- Implement, maintain, and audit IT security policies and related procedures.
- Own and drive security awareness programs throughout the company
- Quarterly, issue reminders to all CareCore National employees on information security measures (e.g., through the use of posters, danglers, SharePoint messages, emails, etc.)
- Frequent internal audits (clean desk policy eg)
- Own and drive necessary corporate certifications (CyberTrust e.g.)
- Establish operating system configuration, patching, upgrade and hardening procedures.
- Work with internal and external resources to identify and repair vulnerabilities in CareCore National systems.
- Work with internal and external resources to administer and support Enterprise Antivirus suite to ensure the security of client systems.
- Institute administration and support Enterprise Patch Management solution.
- Institute administration and support IronPort Spam filter configuration.
- Manage SSL Certificates for internal and external websites.
- Standardization and maintenance of Active Directory role based security groups and related NTFS permission standards.
- Create, test and maintain Active Directory Group Policies.
- Maintain ownership of the Intrusion Detection/Prevention System.
- Disaster Recovery
- Maintain CareCore National DR plan
- Work with appropriate IT resources to establish restore procedures for all target systems
- Coordinate and document Disaster Recovery tests.
- Perform activities related to the operations and monitoring of the IT environment.
- Assist in the definition and maintenance of monitoring procedures.
- Track, identify and report on issues and trends.
- Initiate incident management procedures when necessary.
- Provide detailed post-incident reports.
- Other duties as assigned.
- Bachelor’s degree in Information Technology, or equivalent combination of education, certification, and experience;
- Certified Information Systems Security Professional (CISSP), or equivalent combination of education, certification, and experience;
- Minimum of 10 years experience in information technology administration/support;
- Understanding of information security principles as it relates to systems and network security
- Experience analyzing security requirements and implementing security solutions
- Experience developing security plans
- Experience in software and systems security
- Experience in facilities / operational security
- Experience developing systems requirements and design
- Experience analyzing and integrating complex systems
- Experience developing effective security policies in a commercial context
- Ability to create formal documentation for systems administration, operations, and maintenance
- Understanding of formal processes for change and release management
- Excellent verbal and written communication skills;
- Ability to prioritize and work efficiently under time constraints;
- Expert proficiency with computer hardware, software, and peripherals;
- Advanced knowledge of computer networking, IPSec, PKI, VPN, and Firewalls;
- Advanced proficiency with Active Directory Security, NTFS Security and Group Policies;
- Familiarity with Macintosh operating systems desired;
- Must be able to foster and maintain a positive and team-oriented attitude
CareCore National - 14 months ago
Since 1994, CareCore National has provided comprehensive, customized programs to health plan clients that seek to manage appropriate...