Information Security Manager
District of Columbia, United States of America
Full Time
4 hours ago
$130,295 - $170,900 USD
No Visa Sponsorship
Key skills
CloudCyber SecuritySaaSProject ManagementChange Management
About this role
Role Overview
- Conduct comprehensive security and third-party risk assessments to ensure initiatives align with MFA policies, standards, and regulatory requirements, including HIPAA, HITRUST, HITECH , and other applicable healthcare regulations
- Identify risks and recommend remediation strategies using risk-based prioritization, mitigating controls, and continuous improvement methodologies
- Evaluate, develop, and recommend information security assessment tools, processes, and techniques
- Develop and deliver HIPAA security training and awareness programs
- Collaborate with internal stakeholders to identify, track, manage, and report security risks
- Build, enhance, and support security operations capabilities, including monitoring and response
- Develop, implement, and maintain security policies, standards, and procedures to support enterprise-wide risk mitigation
- Contribute to and maintain best practices, methodologies, documentation, and templates
- Support and coordinate compliance-focused programs and initiatives across the organization
- Mentor and support team members on information security practices and standards
- Support environments that include hybrid on-premises infrastructure, cloud platforms, and SaaS solutions
- Participate in a 24x7 on-call rotation for Information Security
- Perform other duties as assigned that are consistent with the role and organizational needs
Requirements
- Bachelor’s degree in Computer Science, Information Security, or a related field preferred
- Equivalent combination of education and relevant experience will be considered
- CISSP, CISM, CISA, SANS certifications, Security+
- Working knowledge of HIPAA Security Rule, NIST Cybersecurity Framework, and PCI requirements
- Understanding of information security frameworks and industry best practices
- Experience supporting enterprise security operations
- Experience working in virtualized and cloud environments
- Familiarity with Electronic Health Record (EHR) systems, PACS, and connected medical devices
- Hands-on experience implementing, operating, and maintaining security tools and technologies
- Ability to independently manage security assessments and security-related projects
- Change management and project management experience preferred
Tech Stack
- Cloud
- Cyber Security