Reporting to the Director of Information Security, the Infrastructure Security Program Manager will be responsible for supporting the architecture, design and assurance of all aspects of infrastructure security affecting datacenter (SaaS and Corporate), end points, authentication and access controls and network devices, securing highly sensitive data and addressing any network/systems related security issues. The position supports the development and implementation of key security initiatives and development of the overall WellSky security posture based upon level of security risk for all WellSky IT platforms and infrastructure. The position works as part of cross-functional teams that deal with the full spectrum of information management technology, providing security-based direction such as technical standards, planning, and strategy to other technical staff and management. This position requires broad IT background, expertise in information security, strong familiarity with modern information security risk management practices such as FAIR, domain knowledge of health care/HIPAA/NIST compliance frameworks, comprehensive knowledge of network and infrastructure, and strong analytical and communication skills.
Key Areas of Responsibility
- Oversight – Provides oversight and training for SOC (Security Operations Center) functions via third party Managed Security Services Provider (MSSP) or internal staff. Serves as technical advisor for security audits and reviews. Oversight of security problem resolution for all WellSky infrastructure platforms. Ensures that preventive measures are put into effect. Provides oversight for security assurance of intrusion detection systems, firewalls, gateways, virus protection devices, network infrastructure, content filtering, identity management, vulnerability management, threat detection, identity, authentication and access management solutions.
- Security Engineering and Assurance – Designs and implements security tools and reporting mechanisms to support testing and information assurance. Participates in an Architecture Review Board and/or infrastructure review to facilitate the security review process and develop and encourage appropriate security architecture standards.
- Security Operations – Conducts and/or supervises intrusion and vulnerability testing; identifies and implements vulnerability scanning tools; coordinates penetration testing and manages the security reporting process. Performs security risk assessments, develops baselines and reviews technical risk analysis results for projects and new implementations; provides options for security controls to mitigate risk. As needed, coordinates with other members of Engineering/SaaS/DevOps teams to provide review of applications, database systems, business systems and account administration.
- Incident Response Support – Provides support and, as needed, oversight for security incident investigations and reviews or prepares appropriate documentation. Participates as member of the Security Incident Response Team. Ensures that preventive measures are put into effect. Participates in the computer security incident response process that includes monitoring, tracking, notification, containment, resolution, escalation and reporting, and compiles security metrics and performance measures for management reporting.
- Teamwork – Fulfills role as core member of Security team, providing consultative advice yet willing and able to step in and manage a project as needed. Adheres to all policies and procedures, especially those relating to Change Control, Problem Management, and Project Management; provides input to improve processes to ensure highest levels of service and availability of systems. Drives partnerships with the SaaS and IT teams and privacy and compliance functions in WellSky.
Specific Activities & Duties
- Architects, implements and monitors security measures/controls related to corporate and SaaS networks.
- Reviews, monitors and administers various security tools and recognizes problems by identifying abnormalities.
- Provides detailed risk assessment reports on daily/weekly/monthly or ad hoc basis.
- Identifies, evaluates and implements technical security controls, conducts evaluation of security automation tools, implements automation of controls/tools and champions process improvements to continuously advance the organization’s security maturity.
- Develops and implements technical solutions and/or recommends new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Reviews system hardware/software design and architecture documentation and provides recommendations addressing security technical issues.
- Advises on configuration best practices/procedures for patching updates, tuning and maintenance of security tools
- Recommends prioritization of security changes based on security risk and shepherds these changes through change control processes.
- Documents security and vulnerability findings and all work activities efforts following WellSky technical standards, using approved methods. As needed, participates in the development, review, and finalization of security documentation, security best practices and procedures to improve and maintain the security posture of WellSky.
- Coordinates with IT/Engineering/SaaS/DevOps teams to set and maintain standards for selection and maintenance of all infrastructure security tools, software suites, devices, appliances and systems.
- Works with internal and external auditors to provide requested information and perform remediation if necessary.
- Supports WellSky management to prioritize security initiatives and spending based on appropriate risk management and/or financial methodology.
- Responds to the needs and requests of clients and WellSky management and teams in a professional and expedient manner.
- Conducts analyses and writes reports including assessment-based findings, outcomes and propositions for further system security enhancement.
- Builds relationships with internal technical customers including Engineering/IT/SaaS/DevOps staff to assure collaborative approach to improving and maintaining the security posture of WellSky.
- Resolves and documents incidents and problems effectively and in a timely manner;
- Responds to the needs and requests of clients and WellSky management and staff in a professional and expedient manner.
- Maintains confidentiality of sensitive information and complies with HIPAA and other privacy and security practices and all required regulatory controls in accordance with NIST Cyber Security Framework, FIPS, 45 CFR § 160 and 164 as required.
- Maintains professional and technical knowledge by attending educational workshops, reviewing professional publications, establishing personal networks, and participating in professional groups and working groups;
- Participates in the training and/or mentoring programs as assigned or required;
- Adheres to the WellSky Values and supports a positive company culture
- Demonstrates competence to perform assigned responsibilities in a manner that meets the age-specific and developmental needs of the members served by the department.
- Appropriately adapts assigned assessment, treatment, and/or service methods to accommodate the unique physical, psychosocial, cultural, age-specific, and other developmental needs of each member served.
- Performs other duties as assigned.
- Knowledge of advanced security and contingency planning concepts, including data integrity; authentication and authorization; firewall topologies as applied to Internet/Intranet/Extranet deployment; encryption; VPNs; network security architecture and protocols; intrusion testing methods; attack recognition and response systems; and business continuity planning and testing. Knowledge of major logical security software packages.
- Knowledge of hacker tools used to gain access to networks, operating systems and applications. Ability to compile, assess and communicate information as it affects business risks. Computer Information Systems Security Professional (CISSP) or similar security industry certification
- Strong understanding of NIST, ISO, Cybersecurity Framework and other security industry guidelines
- Security Tools experience: DUO/Okta/Centrify, Kaspersky, Trend Micro, Cisco IDS/IPS, Palo Alto, scanning/pen testing tools, Nessus, Rapid 7, Qualys, FireEye, CrowdStrike and similar
- Fundamental understanding of application protocols (HTTP, DNS, FTP, etc.) and networking protocols (TCP, UDP, ARP, ICMP, etc.), and be comfortable analyzing packet capture (pcap) files in tools such as Wireshark
- Demonstrated analytical and problem-solving abilities to identify and remediate security risks
- At least 3+ years hands on experience with IDS/IPS, endpoint, firewalls, intrusion detection systems, anti-virus software, advanced endpoint management solutions, authentication systems, log management, content filtering, etc
- At least 3+ years hands on experience managing hosted applications, load balancers and certs (Netscaler, F5, HTTPS, SSL, TLS etc.)
- At least 2+ years’ experience developing/deploying/administering secure IAAS solutions/infrastructure in AWS
- Bachelor’s Degree in computer science or information systems or equivalent experience in lieu of a degree required
- Minimum of 5+ years of experience in managing IT Infrastructure/Security solutions
- Able to translate business requests and problem management cases into actionable work efforts;
- Excellent troubleshooting skills and can resolve issues within the physical, data layer, network layer, transport layer and presentation layer throughout the datacenter, which includes hardware, software, systems and platforms;
- AWS Cloud Practitioner/AWS Solutions Architect (Associate/Professional) AWS Certified Security Specialty/Advanced Networking Specialty
- Proficiency in a Linux command line environment (awk, sed, grep, etc.) or Windows equivalent (PowerShell) to analyze log files and locate anomalies
- Proficiency and hands on experience managing Active Directory users, groups, OUs, Domains, GPOs, PowerShell scripts etc.
- At least 3 years’ hands-on experience in a SaaS environment or equivalent demonstration in an enterprise environment that supported large hosted applications for large amounts of end users;
- At least 3 years’ hands-on experience in a health care/HIPAA environment, or equivalent demonstration of similar regulatory controls and processes;
- At least 3 years’ hands-on experience handling incidents, problems and business requests in a SaaS or equivalent enterprise environment;
- Experience working in a DevOps environment a plus;
- Experience with Agile, Scrum and/or KanBan a plus;
- Experience with software development processes and web applications a plus;