Senior Manager, HITRUST
As part of our IT team, this position is responsible for supporting the development of HITRUST Common Security Framework (CSF) control implementation plans to expand the adoption of information security technical controls across LifeSecure. This includes detailed discussions with control owners to understand the current state of technical control implementations and providing advice on controls Corrective Action Planning (CAPS). This position also supports alignment of technical solutions through informed investments decisions and supporting current and future HITRUST security capabilities. Additional responsibilities include maintaining the Information Security Management Program (ISMP) and providing oversight and leadership to Network Operations and Facilities resources.
Essential Duties and Responsibilities:
Architecture Process Management
- Develops re-usable technical documentation and guidelines (e.g., architecture diagrams, security architecture design patterns) which provide guidance on the desired implementation of security controls in various environments.
- Supports development of standard business proposals (SBP’s) for defined projects (charter, preliminary scope, etc.).
- Researches and evaluate emerging trends, threats and technologies.
- Develop security training and awareness program
- Conduct social engineering exercises
- Creating and rolling out security communication to the workforce
- Manages information security risk assessments and serves as an internal auditor for security issues
HITRUST Control Advisory Support
- Ensures consistency in application of solution architecture and patterns leveraged to create HITRUST controls Corrective Action Plans (CAPS) are consistent, scalable, meet the intention of the controls.
- Assists in the identification of technical stakeholders whose input is required to design and implement security solutions.
- Supports technical remediation efforts for implementation of HITRUST controls with recommendations around process, tools, architecture, and solution designs.
- Performing remediation design tracking for HITRUST control CAPS.
- Provides advisory guidance on the development of HITRUST control CAPS with HITRUST framework information security controls owners.
- Assists information security control owners in design and implementation of security solutions and tools to support implementation of HITRUST controls.
- Provides support in building the HITRUST program system scoping roadmap and during discussions with Business and Leadership across the Company.
- Works with Network Operations Manager to scope projects and estimate effort.
- Provides subject matter knowledge on security best practices to HITRUST control owners and HITRUST Program leadership.
Education and Experience Requirements
- Bachelors Degree related to Information Technology or equivalent experience
- Leadership experience and understanding of technology and quality processes
- 5 years’ experience Information Technology experience with a minimum of three (3) years of Information security or IT architecture experience.
- CISSP preferred or willing to work towards
- Insurance Industry experience highly desired
Benefits and Perks
- Amazing health benefits (platinum level coverage)
- Wellness reimbursement program
- Competitive salary including an annual incentive bonus program
- Career growth opportunities
- Positive corporate culture
- Casual dress code
This is an exciting opportunity to join a fast-growing, innovative, national insurance company dedicated to providing uncomplicated insurance products. Our products include long term care and ancillary health insurance products. We are ground breakers and catalysts who are constantly seeking new ways of doing things. Not only are we inspiring change in the insurance industry, we are also an inspiring place to work.