Manager, IT Security

POSITION SUMMARY

Under the direction of the Information Technology Director, manages staff and operations related to the stability, security, and functionality of several key infrastructure components of HDS’s business systems:

Database Administration (DBA)- Manages technical and operational aspects of maintaining database management systems (DBMS) which support HDS’s business systems.  This includes physical and logical hosting considerations that ensure the systems which rely on DBMS to function efficiently and securely.

Information Security- Work with IT Security Analyst to ensure HDS Information Systems Department has appropriate and effective security posture.  This includes managing and coordinating IT security related projects with ITS staff, HDS business users, HDS customers, and external auditors. 

Systems Development- Work with IS Department to promote applications to the production environment as prescribed by HDS's source code management procedures.      

ESSENTIAL DUTIES AND RESPONSIBILITIES

• Management and Supervision – Manages, plans, organizes, trains, motivates and evaluates staff; including making hiring & termination decisions, assigning work, developing growth opportunities, conducting performance evaluations and taking corrective action.  Communicates and assures that employees have a clear understanding of performance expectations and responsibilities. Supervises/Manages the following staff:
  • Leads and manages IT Security Analyst, Security Operations Analyst, and Database Administrators.
• Departmental Goals – Effectively communicates to staff and monitors the stretch goals/performance measures and standards for the department in alignment with company-wide objectives/goals.
  • Oversee team that creates, maintains, and monitors databases.
• Policies/Procedures Manual – Assists with the development and maintenance of departmental procedural manuals.
  • Recovers data in the event of a database or hardware failure.  Maintains disaster recovery documents outlining procedures for restoring data.
  • Writes scripts to automate data replication to offsite locations.
  • Manages annual security assessment and annual IT security policy review.
  • Manage and coordinate Information Technology Security Committee activity.
  • Stay up-to-date with emerging security threats and technologies, and recommend appropriate security measures to mitigate risks.
• Effectiveness/Efficiencies – Ensures that work processes and systems maximize operating efficiencies and increase the value of services provided in alignment with company goals and objectives.
  • Handles database patches and upgrades.  Identifies and evaluates industry trends in database systems to ensure best practices are followed.  Tunes databases to optimize system performance.  Assists Project Analysts to tune their code to provide optimal application performance.
  • Works with the Information Systems Director and Network Operations to establish database backup schedule.  Create and maintains script to automate backups.  Monitors logs to ensure that backups are successful.
  • Oversee the monitoring of database performance, identifying and resolving any performance bottlenecks or issues. This involves analyzing query execution plans, optimizing database configurations, and implementing performance tuning techniques to enhance the overall system performance.
  • Oversee the regular maintenance activities such as database patching, version upgrades, and system migrations. This involves coordinating with other teams, vendors, and stakeholders to minimize downtime and ensure a smooth transition.
  • Systems Development Deployments - deploy development projects to production environment and production web servers.
• Internal Controls/Compliance – Ensures controls satisfy operational/compliance risk requirements, and data integrity.
  • Responsible for evaluation and recommendation of a security framework for adoption by HDS.
  • Responsible for Creation and maintenance IT security policies and procedures which align with security framework.
  • Represent ITS Division in SOC and any other audits.
  • Manage security controls, including firewalls, intrusion detection systems, access controls, and encryption technologies.
  • Conduct regular security audits, vulnerability assessments, and penetration testing to identify and address security vulnerabilities.
• Customer Service (Internal/External) – Monitors productivity and performance while ensuring professionalism, quality, timeliness and accuracy in accordance with overall company-wide objectives to ensure positive working relationships with internal and external customers.
  • Collaborate with cross-functional teams, including IT, legal, compliance, and senior management, to ensure alignment of IT security and business continuity objectives with organizational goals.
  • Foster a culture of security awareness and compliance throughout the organization through training programs, awareness campaigns, and regular communication.
• Other Duties and Responsibilities
  • Other miscellaneous duties and responsibilities as assigned.

MINIMUM QUALIFICATIONS AND EXPERIENCE

Education

Bachelor’s degree in Information Systems, Computer Science (Master’s degree preferred), or an equivalent combination of education, training or working experience.

Experience

• Five (5) years in IT security and business continuity management
• Strong knowledge of IT security principles, standards, and best practices, including network security, access controls, identity and access management, cryptography, and security incident response.
• Familiarity with relevant regulations and compliance requirements (e.g. PCI, HIPAA, SOX) and experience in developing and maintaining compliance programs.
• Knowledge of shell programming expertise using a scripting language such as Perl, preferred.
• Knowledge of the SQL query language and database design principles, preferred.
• Familiarity using Windows and Microsoft Office (e.g. Outlook, Word, Excel, and PowerPoint).

Skills and Knowledge

• Ability to organize, analyze and solve complex problems with attention to detail and accuracy.
• Ability to handle multiple tasks and prioritize with some distractions.
• Ability to handle information in a confidential manner and maintain compliance with HDS policies and federal/state laws.
• Ability to communicate both orally and in writing with all levels of staff, customers, and vendors on sensitive matters.

Note: The above information in this description has been designed to indicate the general nature and level of work performed by an employee in this classification.  It is not to be interpreted as a comprehensive inventory of all duties, responsibilities, and qualifications of employees assigned to this job.  Hawaii Dental Service has the right to add to, revise, or delete information in this description.  Reasonable accommodation will be made to enable qualified individuals with disabilities to perform the essential functions of this position.