Information Security Engineer
Role Summary
As an Information Security Engineer, you play a critical role in designing and implementing security mechanisms to protect Vytalize data and information systems. Responsibilities involve assessing risks, designing information system security architecture, performing regular control assessments to identify control deficiencies, and coordinating security risk assessments across the ecosystem, audits, or information security program certifications. You will conduct third-party information security risk assessments and work as part of a team to respond to and manage information security events.
Key Responsibilities:
Incident Response
Assist in the testing of the incident response plans to effectively address and mitigate security breaches or compliance violations.
Assist in the testing of the business continuity and disaster recovery plans to effectively sustain business processes and restore operability during and after a cyber incident disruption.
Respond to and resolve information security events and escalations.
Security Architecture & Design
Evaluate and assess security technologies, tools, and solutions to determine their effectiveness in addressing organizational security needs.
Design cloud security strategies and implement controls to protect data, applications, and infrastructure hosted in the cloud.
In coordination with the information security team, design security architecture to protect IT infrastructure, including networks, systems, and applications, aligning with business objectives.
Risk, Compliance & Governance
Maintain and monitor the cyber security risk register, including risk ratings, mitigation strategies, and action plans.
Coordinate data gathering for audits and risk assessments across various teams.
Conduct vendor risk assessments and develop processes for third-party compliance monitoring.
Develop and maintain a continuous assessment process to ensure security controls are operating effectively.
Monitor training campaigns to improve phishing detection and overall program effectiveness.
Monitor remediation of vulnerability assessment findings, including penetration test results.
Communicate security risks and recommendations to senior management and stakeholders.
Qualifications
Work experience in the healthcare information security field.
Previous Health Information Technology (HIT) experience implementing controls for federal security and privacy regulations.
3+ years of relevant work experience in IT security in a complex enterprise environment preferred.
Knowledge, Skills & Abilities
Demonstrated knowledge of IT processes, risks, infrastructure, and information security.
Proficiency in HIPAA, HITECH, and PCI DSS standards.
Experience with incident response, vulnerability management, and security audits.
Strong written and verbal communication skills with the ability to collaborate across departments.
Ability to analyze security designs and recommend configurations with a detail-oriented approach.