Apria Healthcare is one of nation’s leading providers of home healthcare products and services including respiratory therapy, sleep apnea therapy, non-invasive ventilation therapy, enteral nutrition therapy, negative pressure wound therapy and home medical equipment. Headquartered in Lake Forest, California, Apria owns and operates branch locations across the nation and serves more than 1.8 million patients each year. With over $1 Billion in annual revenues, Apria is one of the largest home healthcare companies in the United States. Apria was the first company of its type to obtain voluntary accreditation from The Joint Commission and has been continuously accredited for more than 25 years. For more information, visit www.apria.com .
Under the general guidance of the Manager and/or Director, Information Security, the Information Security Engineer will provide support in the operational aspect of IT system security designs, policies, and solutions in conjunction with the Security Architects. This role will participate on project teams across business and IT groups. This role will also assist in planning, designing, and managing enterprise information security initiatives in support of the core security functions of the Information Security group.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Works closely with all IT groups as a subject matter expert in systems and network security technology and practices. Participates in security implementation projects to ensure security requirements are evaluated and met. Provides input as a member of project teams to ensure that adequate security controls and features are implemented into information systems as an integral part of the initial system design. (30% of time)
Participate in formulating Apria’s IT security strategies. Help determine technology and process requirements to implement security strategies. Assesses Apria’s IT environment against industry best practices and benchmarks to determine the weaknesses and vulnerabilities of the information security infrastructure, implementing security measures to decrease exposure to attack and/or penetration. (30% of time)
Support security operations and governance. (25% of time)
Support IT risk and compliance management program, internal investigations, audits, assessments, in conjunction with Legal, HR, Corporate Compliance, and Internal Audit. (15% of time)
Performs other duties as required. Qualification:
MINIMUM REQUIRED QUALIFICATIONS
Education and/or Experience
A minimum of five (5) years of progressively increasing responsibility and achievement in the Information Technology area with at least one (1) year in information security, including experience with information security, vulnerability and threat management technologies.
A Bachelor’s Degree in a related technical or business discipline from an accredited university or equivalent years of work experience in the field is required.
Knowledge and working experience with any security disciplines such as but not limited to vulnerability assessment, penetration testing, incident response, industry security standards and practices, web application security, security audit/review processes and applying corporate and federally mandated policies.
Experience managing IT projects in a team-oriented cross-organizational environment.
Familiarity with information security standards such as NIST, ISO, COBIT, and associated security controls.
Certificates, Licenses, Registrations or Professional Designations
An industry recognized certification (e.g., CISSP, GIAC, CISA, CISM) is preferred.
SKILLS, KNOWLEDGE AND ABILITIES
Essential Skills and Abilities
Excellent interpersonal, oral/presentation and written communications skills in both technical and non-technical language.
Conceptual and analytical thinker, able to understand, analyze and synthesize complex business and technology issues and strategies.
Team builder/player and able to work effectively with others with a demonstrated cultural awareness for interactions in multicultural and multi-national settings.
Broad information technology and project management background.
Strong judgment and decision making skills; be self-motivated with the ability to work independently and in teams with minimal direction but willingness to seek advice/assistance.
Flexible and adaptable process-oriented work style; strong demonstrated work ethic; personal time management skills.
Demonstrated work ethic that emphasizes customer focus, quality and continuous improvement.
Self-directed with the ability to work independently to meet deadlines and produce quality of work in a time-sensitive, fast-paced environment.
Demonstrated experience of disaster recovery, incident response, forensics, malware analysis, and secure code review is a plus.
English (reading, writing, verbal)
While performing the duties of this job, the employee uses his/her hands to finger, handle or feel objects, tools or controls; reach with hands and arms; stoop, kneel, or crouch; talk or hear. The employee uses computer and telephone equipment. Specific vision requirements of this job include close vision and distance vision. Must be able to travel by plane and automobile (if applicable).
While performing the duties of this job, the employee rarely is exposed to fumes or airborne particles, toxic or caustic chemicals. The noise level in the work environment is usually low to moderate.
The physical demands and work environment characteristics described above are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
As an EOE/AA employer, Apria Healthcare is committed to providing all applicants and employees with equal access to employment opportunities, regardless of sex, race, age, color, national origin, disability, pregnancy, religion, genetic information, sexual orientation, transgender status, gender identity, marital status, veteran status, or any other characteristic protected by federal, state, or local law. Apria Healthcare shall abide by the requirements of 41 CFR 60-300.5(a) and 60-741.5(a). These regulations prohibit discrimination against qualified individuals on the basis of protected veteran status or disability, and require affirmative action by covered prime contractors and subcontractors to employ and advance in employment qualified protected veterans and individuals with disabilities. AA/EOE, M/F/Disability and Vet