Purdue Healthcare Advisors' (PHA) cybersecurity team assists hundreds of healthcare organizations of all shapes and sizes with their risk assessment, compliance, and risk management needs. As Managing Advisor - IT Security, you will be part of a well-established team of information assurance professionals charged to consult, educate, train and guide healthcare clinics and hospitals facilities throughout the state of Indiana in a variety of information security related projects.
Last year alone, we were on-site at more than 600 Indiana healthcare facilities, providing risk assessments, conducting information security testing, performing configuration audits, fostering security awareness training and other information assurance activities.
In alignment with the Technical Assistance Program and the Office of Corporate and Global Partnerships, the PHA IT Security team also provides a wide range of cybersecurity consulting and education activities to the public sector, university partners, and industry throughout the state of Indiana and beyond.
Our team of security professionals come from a wide range of educational and technology backgrounds that all share the same goal of improving information security practices across the state of Indiana.
The ideal Managing Advisor - IT Security candidate will have a strong grasp of IT security best practices, be able to assess gaps in cybersecurity operations in a variety of information technology environments and be able to provide clear, pragmatic advice in the form of detailed written and oral reports & presentations.
As part of our dynamic team the Managing Advisor - IT Security will respond to client demand for a variety of services that will vary day-to-day. The successful candidate must be able to adapt quickly to the new environments and move seamlessly between unique functions. This position may focus on any number of services and tasks assigned by the senior advisor.
- Bachelor's degree in a computer or information systems related field.
- Four or more years working in an operational information technology role or related field, two of which must include experience in information and security technology experience in network security, incident response, and security assessment.
- In lieu of a degree, consideration will be given to an equivalent combination of related education and required work experience.
- Must have detailed knowledge of Security and Privacy standards and best practices including knowledge of HIPAA, NIST special publication 800 series, PCI, ISO, etc..
- The ability and desire to develop/present cybersecurity training materials such as boot camps, workshops, and seminars to external clients via a variety of training platforms (classroom, online, hybrid).
- Ability to conduct risk assessments of technology, process and policy within complex organizations.
- Ability to conduct vulnerability assessments and develop advanced IT security services for customers.
- Ability to interview customers at all levels of administration or management.
- Ability to learn and understand client department practices and procedures, analyzes, documents and communicate with executives, managers, technology administrators.
- Requires strong customer service skills.
- Strong capability to lead teams, mentor and coach others as well as ability to work effectively, develop and maintain cooperative and constructive relationships with diverse groups of people at all levels of the organization and with external constituents.
- Capable of working independently with little supervision, but also capable of working well in a dynamic team environment.
- Excellent organizational and time management skills.
- Ability to respond quickly and effectively in a fast-paced work environment.
- Excellent verbal and written communication skills.
- Valid US or Canadian driver's license.
- Experience with security hardware (e.g., firewalls, intrusion detection systems, SIEM)
- Exposure to policy implementation, and auditing/assessment best practices
- At least one IT security management related certification such as CISSP, CISM, CRISC
- Experience in network security, incident response, and security assessment
- Experience with business continuity planning, disaster recovery planning.
- Hands on security certifications desirable such as GSEC, CEH, OSCP.
- Proven history of successful project management, consulting, and sales.
- This posting represents multiple vacancies.
- This position requires the ability to travel up to 50% of the time.
- Purdue will not sponsor an employment authorization for this position.
- A background check will be required for employment in this position.
- FLSA: Exempt (Not Eligible For Overtime).
- Retirement Eligibility: Defined Contribution Waiting Period.
- Purdue University is an EOE/AA employer. All individuals including minorities, women, individuals with disabilities and veterans are encouraged to apply.