Post a job

Information Security Governance Specialist - Remote

Altera Digital Health logo

Location
United States
Base Salary
90k-107k USD
Altera Digital Health

Job Description

Altera, a new member of the N. Harris Computer Corporation family, delivers health IT solutions that support caregivers around the world. These include the Sunrise™, Paragon®, Altera TouchWorks®, Altera Opal, STAR™, HealthQuest™ and dbMotion™ solutions. At the intersection of technology and the human experience, Altera Digital Health is driving a new era of healthcare, in which innovation and expertise can elevate care delivery and inspire healthier communities across the globe. A new age in healthcare technology has just begun.

Overview

The Altera Digital Health Corporate IT Team is seeking an Information Security Governance Specialist who will provide risk management and governance oversight to ensure security controls and processes are appropriate to minimize risks and meet regulatory compliance requirements. As the Information Security Governance Specialist, you will utilize your wide area of expertise in risk management, cybersecurity, vulnerability management, information security governance, incident management, security frameworks and other areas to provide security compliance oversight for the Harris group of companies.

This position will communicate with the Corporate IT, Legal and Compliance teams, customer’s IT representatives and stakeholders, and other appropriate areas, as deemed necessary.

This is a remote role in the US.

Responsibilities

  • Assist with the management of and participates in the information security, governance, and risk management programs according to established policy requirements.
  • Monitor the information security, governance, and risk management programs to ensure organizational controls and processes are appropriate to minimize security risks and to ensure compliance with various security standards and regulatory requirements.
  • Assist with the development, maintenance and publishing of up-to-date information security policies, standards, and guidelines.
  • Advise executive leadership and provide oversight of policies, standards and procedures related to information security and regulatory requirements as it relates to security controls and processes.
  • Lead and/or participate in various steering committees and other groups as appropriate.
  • Assist with the development of and oversee effective disaster recovery and business continuity policies, plans, and standards to align with enterprise business continuity management program goals.
  • Responsible for conducting risk assessments against various regulatory compliance such as HIPAA, PCI, etc.
  • Perform risk and security assessments of applications, databases, and servers and supporting network technologies, such as routers, switches, access points.
  • Participate in annual security audits, incident response exercises, security reporting, audit, and compliance support.
  • Develop and execute corrective action and remediation plans for identified issues, risks, or vulnerabilities.
  • Assess potential risks and vulnerabilities to develop baselines and assist with response to deviations.
  • Manage the training awareness program, monitor compliance, and develop security training.
  • Review security control surveys, information security addendums and data protection addendums as required.
  • Develops and maintains standard practices and procedures for appropriate response to identified threats.
  • Analyzes and assesses security incidents and escalates incidents by following incident plan.
  • Work with information security team to provide security incident escalation support and remediate security issues.
  • Assist with evidence collection for security audits and responding to security questionnaires.
  • Ensure vendors are reviewed through the vendor risk management process and comply with applicable regulations and standards.

Qualifications

Academic and Professional Qualifications:

  • Bachelor’s degree in Computer Science, Information Systems, Network Security Engineering or related major or equivalent work experience.
  • CISSP, CRISC, CISA, CDPSE, HCISPP certifications would be considered an asset

Experience:

  • Minimum of 5 years’ experience in IT security risk management or governance experience.
  • Minimum of 2 years’ experience as a system administrator, network administrator or in security operations may substitute 1 of the 5 years required experience above.
  • Minimum of 2 years’ experience in cloud services security
  • Knowledgeable about security controls and processes, vulnerabilities, regulatory and legal changes, and security standards that may impact information security
  • Hands on experience managing various security and governance, risk and compliance tools (e.g., Vulnerability Scanning, GRC Tools, etc.)
  • Experience in access control and identity management for on premise and cloud environments.
  • Ability to write security requirements and design documents.

Travel Requirements:

  • May require local travel.
  • May require other travel for business needs.

Working Arrangements:

  • Work is performed in a remote environment with minimal exposure to health or safety hazards.

Our company complies with all local/state regulations in regard to displaying salary ranges. If required, the salary range(s) are displayed below and are specifically for those potential hires who will perform work in or reside in the location(s) listed, if selected for the role. Any offered salary is determined based on internal equity, internal salary ranges, market data, ranges, applicant's skills and prior relevant experience, certain degrees and certifications (e.g. JD, technology), for example.

Salary Range$90,264—$106,511 USD

Altera is an Equal Opportunity/Affirmative Action Employer. We consider applicants without regard to race, color, religion, age, national origin, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, marital status, veteran status, disability, genetic information, citizenship status, or membership in any other group protected by federal, state or local law.

If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact us at:

[email protected]

Advice from our career coach

A successful applicant for the Information Security Governance Specialist role at Altera Digital Health should have a strong background in IT security risk management and governance, with experience in managing various security tools and compliance programs. To stand out as an applicant, consider the following tips:

  • Demonstrate your expertise in risk management, cybersecurity, vulnerability management, and information security governance
  • Showcase your experience in conducting risk assessments and developing security policies and standards
  • Highlight any certifications you hold, such as CISSP, CRISC, CISA, CDPSE, or HCISPP
  • Emphasize your hands-on experience with security and governance tools, as well as access control and identity management
  • Discuss your ability to lead and participate in various committees and groups related to security and compliance

Apply for this job

Expired?

Please let Altera Digital Health know you found this job with RemoteJobs.org. This helps us grow!

RemoteJobs.org mascot