VP, Chief Information Security Officer

    LogistiCare, Inc.
    Denver, CO 80012
    Full-time, Part-time

    Job Description

    The role of the VP, Chief Information Security Officer is to oversee and coordinate Enterprise Compliance, Business Continuity, Enterprise Risk Management, and Information Security. The VP, Chief Information Security Officer is responsible for the overall Information Security and Risk Management posture of the company, and works with various locations and departments to improve physical and associate security. The VP, CISO will be responsible for setting the vision for the program according to HIPAA rules, developing the security program, and overseeing program execution. This position will report directly to the Chief Information Officer.

    • Develop, manage and set the vision for the Information Security Program
    • Design the strategy and architecture for security programs that include:
        • Audit and Compliance functions
        • Risk Governance
        • Security Policies and Procedures
        • Security Awareness Training
        • Security Information and Event Management
        • Incident Response Management
        • Business Continuity Processes
    • Ensure security architecture deliverables reflect and support business, technical, operational, and compliance objectives
    • Recruit and manage the Information Security and IT compliance teams
    • Develop and maintain detailed Security Architecture Plans and Designs
    • Review Threat and Vulnerability reports and create detailed Action Plans to address risks
    • Maintain awareness of IT/Security industry trends, evaluate new solutions and techniques, and remain aware of emerging threats
    • Create Security Standards for Hardened Server, Workstations, and Network Components
    • Work with and influence project teams and business contacts in regard to security controls and risk mitigation techniques related to information security
    • Direct initiatives related to Information Security strategic planning
    • Set and manage budget for Information Security
    • Promote awareness of Information Security Best Practices
    • Ensure that Information Security is adequately represented across lines of businesses
    • Prioritize and delegate Risk Assessment activities and ensure completion
    • Oversee newly implemented technologies and coordinate internal/external audits
    • Define Secure Application Development Best Practices and Processes
    • Audit Application Architectures to ensure Security Standards are effective
    • Ensure compliance of the Information Security and Risk Management programs with all Regulatory, Contractual, Association, and Client requirements
    • Provide direction for Enterprise Risk Management, Business Continuity and Disaster Recovery Efforts, Policies and Procedures, and Record Retention
    • Lead compliance efforts consisting of HIPAA, HITRUST, SSAE 18 SOC 1 and 2 reporting, client audit response (for IT, Security, and related items), PCI, and other compliance requirements

    Competency Statement(s)
    • Strong verbal, listening and written communication skills with the ability to write technical documentation, reports and correspondence
    • Ability to speak and present information effectively to groups of varying sizes
    • Strong mathematical skills and ability to translate data into statistical and mathematical representations
    • Define problems, collect data, establish facts, and draw valid conclusions
    • Ability to exercise good judgment and make sound decisions independently; delegate/escalate issues appropriately
    • Ability to get along with diverse personalities; tactful, mature and flexible
    • Ability to establish credibility and be decisive but also to recognize and support the organization's preferences and priorities
    • Ability to maintain the highest standard of confidentiality is required with zero tolerance
    • High energy level, comfortable performing multifaceted projects in conjunction with normal activities
    • Results oriented with the ability to balance other business considerations
    • The ability to provide positive leadership and mentor associates
    • Proven analytical and problem-solving abilities
    • Ability to effectively prioritize and execute tasks
    • Highly self-motivated and directed
    • Well-developed interpersonal skills
    • Superior attention to detail

    Education & Experience
    • Bachelor's degree in related field at a minimum and a master's degree in related field highly desirable
    • 3+ years of previous CISO experience
    • 7+ years of Progressive Experience in Managing Security Department Staffing, Budgets and Invoicing, Contractors, Vendors, and Security Programs and Projects
    • 7+ years of Progressive Expertise in Managing Corporate Security Programs with directly relatable experience with 3+ years of previous CISO experience
    • CISSP, CISM, or other equivalent security certification required
    • CRISC, CISA, CISM preferred
    • ITIL Certification preferred
    • Hands-on Technical Experience with Telecommunications and Network, Security Solutions (Firewalls, IDS/IPS, SIEM, Vulnerability Assessment Tools), Access Control Systems, Cryptography, Physical Security Systems, and Secure SDLC Methodologies
    • The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
    • Entire work time is conducted in an office environment in a controlled atmosphere building.
    • The noise level in the work environment is usually moderate.
    LogistiCare is an Equal Opportunity Employer

    Posting ID: 554945076
    Posted: 2020-05-21