Full-time
Chief Information Security Officer - Versant Health - Linthicum Heights, MD

Versant Health, bringing you Davis Vision and Superior Vision, is a leading provider of vision and eye health solutions. We offer a full spectrum of services in the vision care marketplace. Our mission is very real to our members: we help them enjoy the wonders of sight through healthy eyes and vision. What you do as a Versant Health Associate matters. 33 million Americans count on us to provide access to annual eye exams and corrective eyewear. We are here to change the face of vision care, and together we will make this happen.

Great Environment
We are committed to a culture of delivering outstanding service, provider access, and member and customer value. You'll find a strong commitment to ensuring our culture also embraces quality and continuous improvement. We seek associates who are creative thinkers with fresh insights, who thrive in a dynamic, customer-centric environment.

Scope and Purpose of Position
The role of the Chief Information Security Officer is to oversee and coordinate Enterprise Compliance, Business Continuity, Enterprise Risk Management and Information Security. The Chief Information Security Officer is responsible for the overall Information Security and Risk Management posture of the company and works with various locations and departments to improve physical and associate security. The CISO will be responsible for setting the vision for the program according to HIPAA rules, developing the security program, and overseeing program execution. This position will report directly to the Chief Operations Officer.

Essential Functions
- Develop, manage and set the vision for the Information Security Program
- Design the architecture for security programs that include:
  - Audit and Compliance functions
  - Risk Governance
  - Security Policies and Procedures
  - Security Awareness Training
  - Security Information and Event Management
  - Incident Response Management
  - Business Continuity Processes
- Ensure security architecture deliverables reflect and support business, technical, operational, and compliance objectives
- Recruit and manage the Information Security Team
- Develop and maintain detailed Security Architecture Plans and Designs
- Review Threat and Vulnerability reports and create detailed Action Plans to address risks
- Maintain awareness of IT/Security industry trends, evaluate new solutions and techniques, and remain aware of emerging threats
- Create Security Standards for Hardened Server, Workstations, and Network Components
- Work with and influence project teams and business contacts with regard to security controls and risk mitigation techniques related to information security
- Direct initiatives related to Information Security strategic planning
- Set and manage budget for Information Security
- Promote awareness of Information Security Best Practices
- Ensure that Information Security is adequately represented across lines of businesses
- Prioritize and delegate Risk Assessment activities and ensure completion
- Oversee newly implemented technologies and coordinate internal/external audits
- Define Secure Application Development Best Practices and Processes
- Audit Application Architectures to ensure Security Standards are effective
- Ensure compliance of the Information Security and Risk Management programs with all Regulatory, Contractual, Association, and Client requirements
- Provide direction for Enterprise Risk Management, Business Continuity and Disaster Recovery Efforts, Policies and Procedures, and Record Retention
- Lead compliance efforts consisting of HIPAA, HITRUST, SSAE 18 SOC 1 and 2 reporting, client audit response (for IT, Security, and related items), PCI, and other compliance requirements

Education & Experience
- Bachelor's degree in related field or equivalent combination of experience and education
- CISSP, CISM, or other equivalent security certification required
- CRISC, CISA, CISM preferred
- ITIL Certification preferred
- 7+ years of Progressive Experience in Managing Security Department Staffing, Budgets and Invoicing, Contractors, Vendors, and Security Programs and Projects
- 7+ years of Progressive Expertise in Managing Corporate Security Programs with directly relatable experience
- Hands-on Technical Experience with Telecommunications and Network, Security Solutions (Firewalls, IDS/IPS, SIEM, Vulnerability Assessment Tools), Access Control Systems, Cryptography, Physical Security Systems, and Secure SDLC Methodologies
- Highly self-motivated and directed
- Superior attention to detail
- Proven analytical and problem-solving abilities
- Ability to effectively prioritize and execute tasks

Competencies
- Strong verbal, listening and written communication skills with the ability to write technical documentation, reports and correspondence
- Ability to speak and present information effectively to groups of varying sizes
- Strong mathematical skills and ability to translate data into statistical mathematical representation
- Define problems, collect data, establish facts, and draw valid conclusions
- Ability to exercise good judgment and make sound decisions independently; delegate/escalate issues appropriately
- Well-developed interpersonal skills. Ability to get along with diverse personalities; tactful, mature and flexible
- Ability to establish credibility and be decisive but also to recognize and support the organization's preference and priorities
- Ability to maintain the highest standard of confidentiality is required with zero tolerance
- High energy level, comfortable performing multifaceted projects in conjunction with normal activities
- Results oriented with the ability to balance other business considerations
- The ability to provide positive leadership and mentor associates

We provide equal employment opportunities (EEO) to all associates and applicants for employment without regard to race, color, religious beliefs, sex, gender identity, sexual orientation, age, marital status, national origin, ancestry, physical or mental disability or history of disability, genetic information, status as a protected veteran or disabled veteran, or any other status protected by Federal, state or local law.

If you are prohibited from working on a government contract, this may disqualify you from consideration for this position.
