CHG Healthcare

Returning Candidate?

Senior Leader, IT Information Security

Senior Leader, IT Information Security

ID 
2017-3558
Category 
Information Technology
Location Address 
7259 S. Bingham Junction Blvd US-UT-Midvale

More information about this job

Who We Are

Enjoy what you do while contributing to a company that makes a difference in people’s lives. CHG Healthcare, in Salt Lake City, UT, is one of the largest providers of healthcare staffing in the country. Through our trusted brands – CompHealth, Weatherby Healthcare, RNnetwork, Foundation Medical Staffing and Global Medical Staffing – we provide temporary and permanent placement of healthcare providers all over the country. We touch the lives of millions of patients every year. When your day-to-day routine contributes to this important work, it’s easy to get excited about what you do!

 

 

This position reports to the CIO and establishes and administers the overall strategies and procedures for the Information Security and Compliance function for CHG Healthcare. The Director of Information Security is responsible for understanding and evaluating information risk on a regular basis, leading a team of [architects, engineers and analysts] who are responsible for conducting security assessments, implementing and managing security controls, and supporting the day-to-day information security needs for CHG’s businesses. The Director will also promote information security awareness within the organization, and create functional strategies and specific objectives for Information Security to reduce residual risk and protect CHG’s information assets.

How You'll Contribute

  • Responsible for the planning, development, testing and implementation of CHG’s comprehensive information security program
  • Responsible for developing long-term security strategies and ensuring the Company meets all mandated security standards, regulatory requirements, and client and customer needs
  • Establish, administer and maintain Information Security Policies, Procedures and Standards to ensure ongoing maintenance of information security
  • Provide guidance and advocacy regarding prioritization of infrastructure and business investments that impact information security
  • Consults with senior technology and business leaders regarding their information security risks and responsibility in minimizing those risks
  • Partner with business areas to improve security practices
  • Understand and anticipate security trends internal and external to CHG and keep CHG’s senior leadership informed about information security-related issue and activities affecting the Company’s business.
  • Analyze and document information security risks
  • Develop security requirements for projects
  • Document, test, and evaluate information security controls
  • Manage vendor relationships related to information security
  • Develop, deliver and maintain the education and training program on information security and privacy matters for employees and other authorized users
  • Investigate security breaches, with responsibility for maintaining and updating the corporate Incident Response program
  • Responsible for maintaining, updating and enhancing Identity and Access Management (IAM)
  • Assess and continually improve security capabilities based on frameworks
  • Coordinates, documents and oversees ISO27001 compliance activities
  • Coordinate all security audits for the Company, including client audits and internal and external security assessments
  • Accomplishes financial objectives by forecasting requirements; preparing an annual budget; scheduling expenditures; analyzing variances; initiating corrective action.
  • Oversee continual improvement in Information and Cyber Security
  • Understand and assess potential and future threats, vulnerabilities and control protocols; advise the Company based on this information
  • Other duties as assigned by management

 

What You'll Bring

  • Demonstrated knowledge and understanding of relevant information security compliance and regulatory requirements
  • Experience designing, implementing and/or managing major components of a comprehensive information security program
  • Demonstrated experience with Information Security controls and related technologies such as intrusion detections systems, vulnerability scanning systems, authentication systems, Windows systems, application level security, network flow-based monitoring tools and distributed denial of service mitigation methodologies
  • Proficient understanding of IP network design/operation in both LAN and global WAN environment and experience with information security internal and external audits, contract compliance, and quality initiatives
  • Core competency/significant experience in the areas of risk analysis and security management for date, information and applications; IT and information security standards and best practices; privacy and security regulations; security architectures and technologies; incident detection and response; and disaster recovery support
  • Working knowledge of HIPAA, internal controls and legal frameworks
  • Experience coordinating the development and implementation of IT policies and procedures
  • Experience building relationships and collaborating with internal and external constituencies to achieve results
  • Ability to develop and provide creative solutions to Company issues and risks
  • Proven ability to manage issues and projects across functions to create enterprise solutions
  • Ability to adapt to change and balance competing demands
  • Ability to read, analyze, and interpret business and professional publications; prepare business correspondence, proposals and reports; effectively present information to groups of employees; and respond to questions from employees, managers, clients and vendors.
  • Excellent verbal and written communication skills, with the ability to communicate effectively with all levels of the organization and with external clients and customers
  • Ability to assume complex projects, create and present an plan of action, and independently manage projects to favorable resolution or conclusion
  • Ability to function effectively and efficiently in a fast-paced and dynamic environment
  • High standards of ethics and professional integrity
  • Flexibility and willingness and ability to work on a wide range of complex matters with minimal supervision
  • Excellent analytical, problem-solving and decision making skills, with ability to think strategically
  • Ability to work effectively in a team-oriented IT environment
  • Strong interpersonal and people leadership skills

 

Education and Experience Requirements:

  • BS degree in technical field or equivalent work experience
  • 10+ years of progressive information technology experience
  • 7+ years management experience in a data or people management role (5+ years in a people leadership role)
  • 5+ years of experience in a dedicated IT security role (including a combination of compliance, auditing, and knowledge of ISO 27001 framework.)

 

Preferred:

  • Certification of Information Systems Security Professional (CISSP), Certified information Systems Auditor (CISA), Certified Information Security Manager (CISM) or similar credentials

 

What We Offer

  • Competitive pay + bonus
  • Comprehensive training—we rank No. 3 among the world’s top training organizations
  • Medical, dental, vision, and 401(k) matching
  • Generous paid time off and holidays
  • Retirement planning and savings options
  • Tuition assistance
  • On-site health center
  • On-site gym
  • Ability to make an impact in the communities we serve

At CHG, we foster an environment where our people feel free to be themselves. Our core values—Putting People First, Growth, Continuous Improvement, Quality and Professionalism, and Integrity and Ethics—guide us daily to work hard and enjoy what we do! We’re committed to growing our company and are always looking to promote from within. This is an ideal time to join our team.

 

To learn more about our company and culture, visit us here.

How to Get Started

To have your resume reviewed by someone on our Talent Acquisition team, click on the “apply” link at the top of the screen. Or if you happen to know of someone who might be interested in this position, please feel free to email them the job description by clicking on the “Email to Friend” link, also at the top of the screen.

 

We are an Affirmative Action/Equal Opportunity Employer

Minorities/Women/Veterans/Disabled

We are an at-will employer