The Information Systems Security Officer (ISSO) creates and institutes measures to safeguard sensitive information within our network. The ISSO will research, develop, implement, test and review our information security in order to protect information and prevent unauthorized access. The ISSO will inform users about security measures, explain potential threats, install software, implement security measures and monitor the network. They are responsible for gathering the information necessary to maintain security and for establishing functioning external barriers such as firewalls and other security measures. They define, create and maintain the documentation for certification and accreditation of each information system in accordance with government requirements. They also assess the impacts of system modifications and technological advances. Additionally, ISSOs review systems in order to identify potential security weaknesses, recommend improvements to remediate vulnerabilities, implement changes and document upgrades.
Required Experience & Skills:
Strong understanding of DISA STIGs, security updates, OS patching, GPOs and baselines
Strong knowledge of information security principles and practices
Ability to solve practical problems and deal with a variety of concrete variables in situations where only limited standardization exists
Knowledgeable in a wide range of security technologies including but not limited to IDS/IPS, Web Application Firewalls, ForeScout CounterACT, malware analysis and protection, data loss prevention, nCircle IP360 Vulnerability Management, LDAP, forensics software, security incident response
Strong understanding of PCI-DSS 2.0, FISMA/CMS/NIST 800-53a, EHNAC, SOX, SOC2, HIPAA, COBIT, HiTrust
Ability to lead complex enterprise-wide projects
Ability to mentor and support junior engineers
Ability to write reports, business correspondence and procedure manuals
Ability to effectively present information and respond to questions from groups of employees, managers, clients and customers
Ability to interpret a variety of instructions furnished in written, oral, diagram or schedule form.
Emdeon is a leading provider of revenue and payment cycle management and clinical information exchange solutions, connecting payers,...