This site uses cookies. To find out more, see our Cookies Policy

Information Security Manager in Atlanta, GA at Genesys Talent LLC

Date Posted: 3/12/2019

Job Snapshot

Job Description

Through our partners at Modis, we have an exciting new direct hire opportunity for an Information Security Manager for a rapidly growing company in Atlanta (30303).  This company has recently decided that Atlanta is going to be their new HQ and have been building up this office and growing their presence.  This strategic role will report directly to the CTO and will help mold the security of this company by serving as the Information Security SME.  Initially, this position will involve heavy vendor management responsibilities (with some team growth slated for 2019), and an immediate primary focus would be preparing for 4 main audits - ISO 27001, ASA, HIPAA, and MIS.  This company offers flexible work schedules, with at least 1 work-from-home day and unlimited PTO.  The target annual salary is $110,000-$150,000, and full compensation, benefit, and end-client details will be discussed upon conversation with Modis.  

Position Summary:The Information Security Manager shall be responsible for planning and architecture of security controls to protect the department’s information assets from unauthorized disclosure, accidental or intentional loss of data, or unauthorized modification. Develop and maintain information security policies, procedures, standards, and guidelines. You will provide guidance and raise awareness of industry leading security practices among all company staff. As the Security Manager, you will maintain a highly developed knowledge of security leading practices that shall be used to advance the department’s information security posture.

In this role, you will develop and enforce best practices related to HIPAA; business practices and systems; and internal controls. The Information Security Manager will also be responsible for training appropriate personnel in the processes, as they have been defined. Lastly, you will need to be reachable off hours for security matters that are time sensitive.

Responsibilities:
  • Work with the Vice President, Human Capital, the SVP, Chief Technical Officer and the Vice President, Engineering to manage internal and third-party risks involving customers and vendors, suggest effective ways to manage risks while still achieving business objectives, and works with others to implement appropriate controls.
  • Work with Human Capital and training and development to identify and set up Security Awareness Training as well as identify security training for Software Engineers.
  • Detailed knowledge and experience in security and regulatory frameworks.
  • Stay current with different information security regulations such as PCI, HIPAA, HITECH, the Mass. Data Privacy Law, and Juvare’s own contractual obligations, and works with Enterprise Compliance to help ensure that Juvare is obeying relevant security and privacy laws and regulations.
  • Manage the penetration test process and drives the prioritization and remediation of issues identified.
  • Monitor security threat sources (bulletins) and provides communications on discovered vulnerabilities or security threats.
  • Perform monthly security scans using third party solutions and drives prioritization and remediation of issues identified.
  • Participate in the deployment of scalable, automated means of securing Juvare’s infrastructure and automating Juvare’s policies. This may include tools for monitoring, logging, access control, encryption, asset management, data classification, proxy, and web filtering.
  • Review data from Intrusion Prevention Systems, VPN and Firewall architectures, Proxy Servers, authentication systems and content screening servers.
  • Identifies and reacts to network attacks, viruses, and intrusions.
  • Assist with security incident investigation and response.
  • Manage and document a semi-annual security access review process for the enterprise.
  • Contribute technical information to the annual HIPAA/security/PCI risk and compliance assessments performed by Enterprise Compliance and to annual external audits.
  • Perform audits on:  Network and System Admin access reviews, Access badge audits, Door key assignment reviews, User system audits, Key logs audits, Video log audits
  • Work with the Vice President, Engineering to ensure security of the software development and QA processes, performing and/or leading penetration testing programs, educating developers on secure coding practices, and staying current on software tools, practices, and vulnerabilities.
  • Prepare detailed reports of Juvare policies and procedures for use in RFP/RFI responses, fulfilling contractual auditing requirements, and other similar scenarios.
  • Assist the technology group with special projects.
  • Perform job duties both independently and as a team member.
  • Meet routine deadlines and work schedules as well as timely and accurate completion of special projects and any other duties as assigned.
  • Display a positive attitude as well as professional, polite, considerate and courteous conduct and treatment of others in the course of duties.
  • Compliance with Juvare policies.
  • Other duties as assigned.


Qualifications:
  • Bachelor’s Degree.
  • 5+ years of managing development, implementation and architecture of information security programs.
  • Ability to safely and successfully perform essential job functions consistent with the ADA, FMLA and other federal, state and local standards, including meeting qualitative and/or quantitative productivity standards.


Skills/Knowledge Requirements:
  • Supervisory experience and demonstrated leadership capabilities preferred.
  • Excellent, proven oral and written communication skills.
  • Demonstrated analytical skills and methodical problem-solving skills.
  • Familiarity with current technologies and SDLC methodologies.
  • Ability to rapidly absorb and implement new technologies and procedures.
  • High degree of attention to detail, personal initiative, and commitment to quality.
  • CISSP and/or CISM security certification desired.
  • Passion to exceed client expectations required.