Vytalize HealthRemote
Information Security Engineer
United States of America
Full Time
2 hours ago
H1B Sponsor Likely
Key skills
Information SecurityIncident ResponseBusiness Continuity PlanningDisaster Recovery PlanningSecurity ArchitectureCloud SecurityRisk AssessmentVendor Risk AssessmentVulnerability ManagementPenetration TestingHIPAAHITECHPCI DSSCommunication
About this role
Vytalize Health is seeking an Information Security Engineer to play a critical role in designing and implementing security mechanisms to protect data and information systems. The role involves assessing risks, designing security architecture, conducting risk assessments, and managing information security events.
Responsibilities:
- Assist in the testing of the incident response plans to effectively address and mitigate security breaches or compliance violations
- Assist in the testing of the business continuity plans and disaster recovery plan to effectively sustain business process and restore operability during and after a cyber incident disruption
- Respond to and resolve information security events and escalations
- Evaluate and assess security technologies, tools, and solutions to determine their effectiveness in addressing organizational security needs
- Design cloud security strategies and implement controls to protect data, applications, and infrastructure hosted in the cloud
- In coordination with the information security team, design security architecture to protect IT infrastructure, including networks, systems, and applications, aligning with business objectives
- Maintain and monitor the cyber security risk register, including risk ratings, mitigation strategies, and action plans
- Coordinate data gathering for audits and risk assessments across various teams
- Conduct vendor risk assessments and develop processes for third-party compliance monitoring
- Develop and maintain a continuous assessment process to ensure security controls are operating effectively
- Monitor training campaigns to improve phishing detection and overall program effectiveness
- Monitor remediation of vulnerability assessment findings, including penetration test results
- Communicate security risks and recommendations to senior management and stakeholders
Requirements:
- Work experience in the healthcare information security field
- Previous Health Information Technology (HIT) experience implementing controls for federal security and privacy regulations
- Demonstrated knowledge of IT processes, risks, infrastructure, and information security
- Proficiency in HIPAA, HITECH, and PCI DSS standards
- Experience with incident response, vulnerability management, and security audits
- Strong written and verbal communication skills with the ability to collaborate across departments
- Ability to analyze security designs and recommend configurations with a detail-oriented approach
- 3+ years of relevant work experience in IT security in a complex enterprise environment