Information Security Director Jobs in Rockford, IL

Information Security Director jobs in Rockford, IL

Information Security Director leads and manages the team responsible for ensuring the security of the organization's systems and information assets. Oversees the development and implementation of security systems, guidelines, and strategies. Being an Information Security Director implements processes and procedures to protect the organization against unauthorized access, use, disclosure, disruption, modification, and/or destruction. Conducts and reviews audits and risk assessments. Additionally, Information Security Director reviews and evaluates internal operations and controls. Oversees the migration of non-compliant environments to compliant environments. Ensures compliance with data protection guidelines and applicable laws. Requires a bachelor's degree. Typically reports to a director. The Information Security Director typically manages through subordinate managers and professionals in larger groups of moderate complexity. Provides input to strategic decisions that affect the functional area of responsibility. May give input into d (Copyright 2024 Salary.com)

Overview

3 years of relevant work experience in Security Engineering, network security devices, security practices, or infrastructure security in a regulated environment.
2 years of experience working in at least one of the following regulatory settings: ISO 27001, SOX, HIPAA, HITECH, CLIA, CAP.
Authorization to work in the United States without sponsorship.

Experience a rewarding and fulfilling career with Mercyhealth. Mercyhealth is committed to offering our partners a best place to work. Our unique workplace Culture of Excellence is built upon:

Employee engagement, empowerment and growth
Teamwork toward our common goal - providing exceptional health care services with a passion for making lives better
An atmosphere of caring and quality that cascades throughout the organization

The Information Security Engineer role will be responsible for supporting the operational security function to maintain the confidentiality, integrity, and availability of Mercyhealth's digital assets. A hands-on technical specialist, the Information Security Engineer handles the complex and detailed technical work necessary to foster and enhance a robust, in-depth security posture

Responsibilities

ESSENTIAL DUTIES AND RESPONSIBILITIES

Serve as a champion for effective information security processes and behaviors across the enterprise.
Monitor, investigate and mitigate information security alerts generated throughout the information security solution stack (i.e., MDR, CRI, XDR).
Provide technical assistance with the set-up and proper management of systems that support the Mercyhealth information security posture; including, but not limited to, malware detection systems, spyware and adware detection systems, and spam filtering systems.
Evaluate bug reports, security exploit reports, and other security notices issued by vendors, manufacturers, government agencies, professional associations, and other organizations as needed, make recommendations to internal management and technical resources to take precaution steps and track remediation.
Review penetration test and vulnerability scan results, develop prioritized mitigation plans and track execution of effective mitigation measures.
Assist in fulfilling evidence requests in response to regulatory compliance audits (i.e., SOC, HIPAA/HITECH).
Evaluate acquired or developed systems and architectures to ensure alignment with Mercyhealth's information security requirements.
Perform security reviews, identify gaps in security architecture, and develop a security risk mitigation plan.
Identify and develop content to support the information security awareness and training program.
Evaluate information systems and networks to determine the protections needed (i.e., security controls).
Serve as a technical consultant on information security investigations and forensic technical analysis.
Serve as an active, supporting role to the Security Incident Response Team (SIRT) and participate in security incident response efforts.

EDUCATION and EXPERIENCE

Bachelor's degree in computer science, information systems, or field related to essential duties of the job or related field; or high school degree/general education diploma and 4 years of relevant experience in lieu of bachelor's degree.
3 years of relevant work experience in Security Engineering, network security devices, security practices, or infrastructure security in a regulated environment.
2 years of experience working in at least one of the following regulatory settings: ISO 27001, SOX, HIPAA, HITECH, CLIA, CAP.
In-depth knowledge of common security exploits, vulnerabilities, and countermeasures.
Demonstrated ability to perform the Essential Duties of the position with or without accommodation.
Authorization to work in the United States without sponsorship.

CERTIFICATION/LICENSURE

Information security or cyber security certification(s) is preferred.

ADDITIONAL REQUIREMENTS

Passing the Driver's License Check and/or Credit Check (for those positions requiring).

Must be able to follow written/oral instructions.

OTHER SKILLS AND ABILITIES

Demonstrates a sense of urgency and a commitment to high standards of ethics, regulatory compliance, customer service and business integrity.
Hands-on experience with SIEM implementation and administration.
Information security in a public/private cloud infrastructure (Azure, AWS) environment.
Completion or coursework toward information security certifications.

INFORMATION ACCESS

Partner may access patient care information, financial data, human resource data and strategic and planning data needed to perform their job duties as directed by the director.

WORK CONTACT GROUP

Partners, physicians, vendors

SPECIAL PHYSICAL DEMANDS

The Special Physical Demands are considered Essential Job Functions of the position with or without reasonable accommodations. While performing the duties of this job, the partner is regularly required to sit and use hands to finger, handle or feel. The partner is occasionally required to stand, walk, or reach with hands and arms; climb or balance and stoop, kneel, crouch, or crawl. The partner must occasionally lift and or move up to 25 pounds. Specific vision abilities required by this job include close vision and color vision.

LEVEL OF SUPERVISION

Requires minimal level of supervision.

Benefits

Mercyhealth offers a generous total rewards package to eligible employees including, but not limited to:

* Comprehensive Benefits Package: Mercyhealth offers a retirement plan with competitive matching contribution, comprehensive medical, dental, and vision insurance options, life and disability coverage, access to flexible spending plans, and a variety of other discounted voluntary benefit options.

* Competitive Compensation: Mercyhealth offers market competitive rates of pay and participates in various shift differential and special pay incentive programs.

* Paid Time Off: Mercyhealth offers a generous paid time off plan, which increases with milestone anniversaries, to allow employees the opportunity for a great work-life balance.

* Career Advancement: Mercyhealth offers a number of educational assistance programs and career ladders to support employees in their educational journey and advancement within Mercyhealth.

* Employee Wellbeing: Mercyhealth has a focus on wellbeing for employees across the organization and offers a number of tools and resources, such as an employer-sponsored health risk assessment and a Wellbeing mobile application, to assist employees on their wellbeing journey.

* Additional Benefits: Mercyhealth employees have access to our internal and external employee assistance programs, employee-only discount packages, paid parental and caregiver leaves, on-demand pay, special payment programs for patient services, and financial education to help with retirement planning.