Director of Information Security - Birmingham, AL

Overview

NaphCare is hiring a Director of Information Security to join our team on-site full-time at our Corporate Headquarters in Birmingham, AL 35216.  This position is responsible for the oversight of the IT Security Program at NaphCare including the management, coordination and execution of specific IT security compliance activities following best practice and at the direction of NaphCare’s CTO.

This is a full-time position. No Visa sponsorships or transfers. 

The Primary job function of the position is to analyze and interpret pertinent IT Security Standards in which NaphCare must comply, perform ongoing gap assessments to identify and document deficiencies in systems and processes, and directly aide in addressing deficiencies.  The role will also be responsible for overseeing NaphCare’s IT Security Policies and System Security Plans for key software packages ensuring compliance. Finally, the role will manage ongoing audits of IT security both internal and those performed by 3rd parties and engage with NaphCare’s partners in aligning security goals and policies.

The role must have a clear understanding of the challenges of information security and possess excellent analytical and problem-solving abilities in order to identify and fix security risks through coordination across NaphCare’s Information Technology teams.

OUTSTANDING BENEFITS PACKAGE:

NaphCare offers competitive benefits, including health, prescription, dental, Employment Assistance Program (EAP) services, vision and 401(k). NaphCare offers term life insurance at no cost to the employee and provides PTO, paid holidays and an array of voluntary benefits. Employees enrolled in our health insurance program receive prescriptions free of charge when filled at our in-house pharmacy or mail order program.

If you want a career that will make a difference, choose the company that is different.  NaphCare professionals are important partners of the NaphCare family, working together to provide quality care in a rewarding work environment. We care about making a difference in the lives of others. 

Come learn correctional healthcare as you use our cutting-edge resources, including our award-winning electronic health record system. 

At NaphCare, we believe in innovating to improve lives. We partner with local, state and federal government agencies to provide innovative healthcare, technology and administrative solutions for complex problems within the correctional and justice systems. Our success has always been due to our people and our commitment to treating every patient with dignity. We are mission-driven with a singular aim of improving lives through caring health care solutions provided in an environment of respect. United by this belief, we work as a team to improve each and every life we touch.  Join our team of compassionate trailblazers who are dedicated to making a difference. 

Responsibilities

Qualifications

• EDUCATION: Must have a Bachelor's Degree in Information Security or closely related field (i.e. Cyber Security, Security Engineering, Management Information Systems
• CERTIFICATION: The following certifications or combination thereof are preferred - CISA (Certified Information Systems Auditor), CompTIA Security+, CEH (Certified Ethical Hacker), CISSP (Certified Information Systems Security Professional)Must be able to keep up with the understanding of new technologies and industry trends.
• Must also have a clear understanding of computer systems, networks, networking systems, various IT security appliances, IT security software tools, and have the ability to analyze complex network diagrams.
• Familiarity with HIPAA, SOC II, NIST, FISMA, FedRamp and other compliance standards.
• Preferred candidate location: Birmingham, AL

• Five (5) years' experience in the information technology field as well as having at least two (2) years' work experience in performing IT Security, preferably within healthcare industry.
• Experience with navigating the US Federal Government’s Authority to Operate (ATO) process
• Experience with implementing and documenting IT Security within hybrid on-premise and AWS Cloud environments
• Experience with creation and maintenance of System Security Plan
• Project management experience as it relates to the implementation of security policy and procedure within a large, enterprise environment.
• Hands-on experience in all areas of information technology, including cloud environments and identity management.
• Hands-on experience in security solution engineering and implementation, security operations management and incident management.
• Experience monitoring, investigating, and reporting of security events and incidents.
• Strong technical communication skills (oral and written) with the demeanor to interface at all levels from engineering to executives.
• Proven ability to lead projects to completion, ensuring the delivery of high-quality work on time.
• Ability to manage and review work completed by internal and external resources.
• High level of personal integrity, with the ability to professionally handle confidential matters and exudes the appropriate level of judgment and maturity in all situations.
• Ability to organize, document, and prioritize a high-volume workload while handling details accurately, in a timely manner, and under pressure.
• Experience in larger enterprise environments.

Equal Opportunity Employer: disability/veteran