Director, Information Security Connecture
THIS JOB HAS EXPIRED Company Overview
Connecture is the leading provider of Web-based information systems used to create health insurance marketplaces and exchanges. Its industry-proven solutions enable consumers, employers and brokers to more easily shop for, purchase and renew health insurance while minimizing back-office administrative expenses for health plans. Connecture?s solutions are provided to health plans, state insurance exchanges, private exchanges and insurance brokers. More than 25 million Americans shop for their health insurance through systems built by Connecture, and more than half of the nation?s 20 largest plans rely on them to sell, administer and manage their plans and products effectively. For more information, visit www.connecture.com.
As the Connecture Director, Information Security you will be responsible for the protection, safeguarding, and security of Connecture?s information systems, assets, and facilities This job contributes to Connecture?s success by safeguarding information and systems assets against unauthorized use, disclosure, modification, damage or loss. Serves as the focal point for threat and information security management; identity management and all security related technical implications to Connecture?s IT environment. Monitors and responds to internal and external security incidents and attacks. Provides technical consultation to IT and business unit teams.
This position will serve as a central point of contact for Identity & Access Management, Vulnerability & Threat Assessment, Information Security Operations, Security Compliance and Information Security Management. The successful candidate will be responsible for the operations, deployment and change management of our security infrastructure, investigate technology security control requirements, and recommend, implement, and lead information security improvements. This role will lead and assist with readiness assessments, remediation planning, and attestation and/or certification assessments and audits which support compliance and overall security goals. The position will also lead operational risk assessments, contract reviews, policy and standards development, policy exception reviews, and security awareness training efforts. As a leader of Information Security this candidate will have ample opportunities to mentor, support, and contribute to multiple teams and initiatives that affect the entire company through secure usage of technology.
Roles and Responsibilities
The essential responsibilities of the Director, Information Security are to.
?Oversee the development, implementation, and maintenance of information security policies and controls, including access management, vulnerability assessments, penetration testing, infrastructure, and regulatory compliance.
?Manage reporting, investigation, and resolution of data security incidents.
?Oversee all client Risk Assessment and Security Audit requests
?Oversee Connecture?s annual Security and Risk Assessments (e.g. HIPPA, PCI DSS, applicable federal program requirements)
?Analyze business needs and oversee security architecture, administration, and policy planning to mitigate risk and lessen possibility of security incident or breach.
?Provide guidance and direction on best practices for the protection of information.
?Ensure compliance with regulations and privacy laws.
?May oversee internal or external systems security (i.e., hosting facilities). Support and provide guidance to hosting services and work to ensure appropriate external system security systems with hosting facility providers
?Oversee the information, implementation and maintenance of Connecture?s security policies and procedures.
?Monitor, assess, and provide corrective mechanisms to mitigate risk from security failures, safeguard company assets, and promote personal safety of employees and others.
?Support or lead, as applicable, investigations of potential or actual violations of privacy/security policies.
?Advise top executives and management on security issues and coordinate with law enforcement and other external agencies as needed.
?Oversee the organization's information security systems.
?Research, develop, and implement security plans and policies associated with the organization's communications and other business systems.
?Responsible for integrating security plans and policies with the company's business process, training others on security procedures, recommend and oversee the purchasing of security products and ensuring that security practices are being followed.
?Evaluate system vulnerability and recommend security improvements.
?Remain informed of current security trends and technologies.
?Creates and distributes security manuals, documents, and records. Maintains facility security requirements and implements procedures for safeguarding proprietary and customer furnished data.
?Performs periodic and random security inspections and prepares security reports as necessary. Issues security violation citations as required by inspections.
?Maintains inspection reports and records and advises senior management of deficiencies and remedial/disciplinary efforts to ameliorate deficiencies.
?Prepares personnel actions and forms to request security clearance/special access and maintains records of such requests. Briefs incoming staff on security processes and debriefs outgoing staff.
?Establishes and maintains procedures on handling, safeguarding and destruction of
?A BS/BA Degree or equivalent work experience
?12+ years? experience within the area of Security management
?10+ years? experience within Security assessment and audit within the areas of SAS70/SSAE16, SOC, and/or ISO.
?CISSP / CISM certification
?Experience and knowledge of either Payment Card Industry (PCI) or HIPAA/HITECH regulations required (knowledge of both is a plus)
||Brookfield, WI |
THIS JOB HAS EXPIRED