Manages team that enforces the defensive cyber security posture of the organization.
Leads and facilitates the effort to address identified cyber risks with corrective action plans to ensure compliance with HIPAA, PCI DSS federal and state information protection, and other relevant regulations and security frameworks.
Sets deadlines, assigns responsibilities, monitors and communicates progress of cyber security projects, and assists the Director of Information Security and other senior leaders in developing and executing the cyber security budget to align with organizational strategic goals.
Collaborates with multiple departments to help them better understand security risks, identify and remediate their weaknesses, and improve the security of their operations.
Works closely with compliance, legal, privacy, human resources, and IT in the investigation of privacy and security incidents and other compliance/privacy related and risk reduction matters.
Assists in developing and managing cyber security strategies to improve privacy, compliance, and auditing programs.
Oversees the remediation of cyber security deficiencies through the documentation of findings and validates closure to increase the organization’s security maturity and reduce overall risk. Advises leadership concerning the overall status of findings and associated remediation plans.
Manages security awareness, training, and education program.
Works with IT on technical cyber security aspects of implementation projects.
Responsible for his/her team’s maintaining documentation and procedures as applicable.
Participates in mandatory IT meetings and complies with IT policies, procedures and guidelines.