About Us:

CyncHealth is a statewide Health Information Exchange (HIE) with a purpose to achieve health care transformation through community betterment and collaboration while protecting the security and privacy of medical information. Join our team to play a key role in leading a health data utility, advancing interoperability, and improving healthcare.

Position Summary:

The Information Security Manager is responsible for ensuring information security compliance across the enterprise. This position will support the development and rollout of new policies, procedures, and modernization of existing policies to mature information security practices and protect the enterprise from internal and external threats. This role will lead and oversee cybersecurity daily operations.

Responsibilities:

• Create, maintain, and implement security policies and procedures to protect the organization's critical data.
• Implement, measure, and manage security controls within Amazon Web Services.
• Manage security vendor services to ensure adequate processes and controls are in place to monitor, detect, and prevent cybersecurity incidents and threats.
• Conduct regular security control assessments, including user audits, patch verification, and security exception review.
• Continually assess cyber security framework. Make recommendations for improvement and modernization. Implement or oversee implementation of approved recommendations.
• Participate in the organization’s Change Advisory Board.
• Understand security requirements and communicate safeguards to key stakeholders internally and externally to the organization.
• Support security certification initiatives such as HITRUST, SOC 2, and other relevant security certification processes.
• Maintain regulatory knowledge as applicable to the work of CyncHealth. In particular, understand obligations under HIPAA, data breach notifications, Federal Acquisition Regulations, OMB’s Uniform Guidance, and other relevant laws and regulations.
• Assist with developing and maintaining incident response plans and processes.
• Support tabletop exercise planning and participate in simulation exercises.
• Provide regular and ongoing feedback, including performance management with direct reports.
• Build and maintain effective relationships with interdepartmental leadership.
• Provide security awareness training to all employees that will initiate, facilitate, and foster a culture of information security awareness.
• Recommend technology to maintain highest levels of cyber security capabilities.
• Identify potential risks and makes recommendations to address gaps and mitigate compliance and regulatory risks.
• Protect assets and the integrity, security and privacy of information entrusted to or maintained by the organization.
• Model CyncHealth’s values and Code of Conduct. Manage resources and business objectives in compliance with charter, policies, and standards.
• Other duties as assigned.

Experience/Requirements:

• Experience securing cloud infrastructure required, with experience securing Amazon Web Services preferred.
• Bachelor’s degree in information technology, Cybersecurity, or related field preferred, however a combination of education and related work experience may be considered.
• A minimum of seven years proven experience in information technology/security with progressive experience required.
• 5 years of leadership experience in healthcare IT preferred.
• CISSP or equivalent certification preferred. Ability to obtain within one year of hire required. The organization will support obtaining the certification.
• Advanced understanding of Information Security Management required.
• Experience conducting internal investigations and supporting external audits.
• Experience with HITRUST and NIST CSF preferred.
• Experience with DLP, SIEM and other security tools.
• Demonstrated expertise to handle complex and ambiguous situations in a positive and collaborative manner.
• Demonstrated experience with leading and managing a diverse and multidisciplinary team.
• Excellent verbal and written communication skills.
• Ability to work independently with minimal supervision.
• Strong decision-making and critical thinking skills.

Physical Requirements:

• Ability to work on a computer for extended periods of time.
• Ability to stand or sit for extended periods of time.
• Extended working hours and overnight travel may be necessary.
• Light work requiring exertion up to 20 pounds of force occasionally, and/or up to 10 pounds of force often, and/or a negligible amount of force constantly to move objects.
• Ability to work from La Vista, NE office with reliable and predictable attendance Normal hours are Monday-Friday 8am-5pm, however, extended hours may be needed in this position.

Benefits:

• Medical, Dental, & Vision
• 20 days paid time off annually 9 paid holidays annually.
• Long & short-term disability (fully paid by CyncHealth)
• Life Insurance (fully paid by CyncHealth)
• 401(k) with 4% matching & immediate vesting
• Parental Leave
• Pet Insurance
• Other voluntary benefits

Disclaimer:
The above statements are intended to describe the general nature and level of work being performed by individuals assigned to this position. The statements are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required for this position.
Must be authorized to work in the United States.