IT Security & Compliance Manager

IT Security & Compliance Manager

At Rectangle Health, we believe that our team members are our most important asset. We grow our team by hiring best-in-class talent. We encourage all employees to contribute their individual talents and ideas to strengthen our team, our brand, and our services. We promote a culture that serves to empower and motivate employees beyond the standard corporate rhetoric one might see on motivational posters. Employees understand their individual roles in serving our customers, and this clarity of purpose encourages high job performance.

Position Overview

The IT Security and Compliance Manager will support governance, risk and compliance initiatives and perform key day-to-day activities to help ensure the implementation of a holistic information security compliance program. This individual will help create and maintain risk assessments to facilitate scoping and defining boundaries of systems, facilitate control mapping, gap identification remediation and mitigations.

For Full-Time Employees we offer:

• Competitive health, dental, and vision benefits
• Guardian Hospital Indemnity coverage
• Life & LTD
• 401(k) matching up to 3%

Primary Job Duties

Security Operations

• Manage the investigation of alerts received from the Security Operations Center to resolution.
• Work with SOC to identify indicators of compromise that warrant additional alerting.
• Monitor for and respond to reports of suspected phishing emails.
• Create and maintain documentation related to security events and investigations.
• Upgrade data and security systems and enable security software integrations.

 

Vulnerability Management

• Operate and manage vulnerability scanning for product environments and corporate endpoints using Tenable.
• Direct the performance of penetration tests.
• Manage the timely remediation of vulnerabilities.
• Review and analyze vulnerability data to identify trends and patterns.
• Coordinate and report on vulnerability remediation efforts.

 

Disaster Recovery and Incident Response

• Enhance and maintain incident response planning, including updating plans, creating and maintaining runbooks, and facilitating incident response exercises.
• Coordinate and lead disaster recovery planning and testing efforts.

 

General Security

• Assess complimentary security controls of new and existing software to ensure security is properly configured for all services and products, including controls around the use of AI.
• Coordinate the performance and completion of user system access privilege reviews.
• Perform control alignment validation.
• Facilitate remediation of gaps based on results of the control validation and tracking to timely resolution.
• Maintain comprehensive documentation of security practices, procedures, and incidents.
• Implement and administer security tools and choose the best ones for additional security needs.
• Evaluate IT Infrastructure in terms of risk to the organization and establish controls to mitigate loss.
• Improve business-wide knowledge and understanding of emerging threats.

Minimum Qualifications:

• Expertise in PCI DSS v4.0
• Familiarity with standard control frameworks including NIST SP 800-53, ISO 27001, Center for Internet Security Controls and HITRUST.
• Experience in HIPAA preferred.
• Typically requires a university degree and 5 years prior relevant experience in a related field. Additional years of experience and industry certifications may be substituted for a university degree in some circumstances.
• Organizational skills, critical thinking, and attention to detail.
• Excellent communication skills required.

 

About Us:

A leader in innovative healthcare technology for over 30 years, Rectangle Health is a trusted partner to more than 40,000 healthcare providers.  The company’s comprehensive platform, Practice Management Bridge®, streamlines daily business operations including communications and engagement, payments and reimbursements, and office compliance.  Customers of all sizes, in all sectors of healthcare, rely on Rectangle Health’s easy-to-use and scalable software to deliver a measurable increase in productivity and profitability, while improving patient experience.

View our CCPA disclosure notice here