Information Security Manager - 234314

Job Title: Information Security Manager - 234314
Position Type: 6 Months Contract to Hire
Work Location: Remote (EST Hours)
Travel: Salary Range: $135,000 - $150,000 / year | Hourly Range: $75+ / hour W2

ABOUT OUR CLIENT / ABOUT THIS ROLE

Medix is seeking an IT Security Manager for a full-time opportunity with one of our Healthcare clients - a Health System on the East Coast. This role is available on a fully remote basis in the US, working EST hours.

This IT Security Manager will be responsible for leading a Team of Information Security Analysts, overseeing the operations and vulnerabilities facing the health system on a day to day basis.

This is a hands-on Player/Coach role that requires prior hands-on experience in Information Security - Vulnerability Scanning, Remediation efforts, Proactive & Reactive Threat Management, etc. This role will also be overseeing a team of people (personnel leadership) and special Security projects - such as Vendor Security Assessments and security posture for SaaS/ Cloud Services.

RESPONSIBILITIES WILL INCLUDE

• Leading a small (5-7 person) team of Security Engineers and Analysts
• Providing personnel development and leadership
• Serving in a hands-on role to lead Security Analysis & Vulnerability operations and team members
• Leading Healthcare-specific security initiatives, ensuring that patient, employee, and business data is secured in compliance with HIPAA regulations
• Handling the escalations and overseeing the operations for security vulnerability assessments / remediation work
• Handling the Vendor Security Assessment program to evaluate a 3rd party vendor's ability to protect sensitive data and eliminate risks that arise from exposure.
• Communicating with peer Managers and external vendors on a routine basis, and benchmarking / prioritizing vendors based on security posture
• Building and implementing Security Governance & policies
• Developing and Implementing best-practices around cloud configuration and cloud security.
• Working in an environment that encompasses web-facing applications, servers, client machines, and mobile devices.
• Providing security guidance to the Application Development / Deployment teams on how to best deploy and secure SaaS and home-grown Microservice Applications
• Driving a culture of security awareness through training and adoption initiatives

REQUIRED QUALIFICATIONS

• 7-10 years of hands-on experience in a Cyber / Information Security role
• Required minimum 3 years of personnel management and team leadership experience
• Must hold at least one (or more) Security Certifications (CISSP, CISA, CISM, GIAC Certified, CASP+, etc)
• Should have prior experience in third-party vendor security assessments
• NIST CSF (NIST 2.0) exposure a plus
• Prior Medical Device industry experience would be a plus

Candidates must be authorized to work for any employer in the US without the need for work visa sponsorship now, or in the future