IT Security and Compliance Manager, Full-time

The IT Security Manager role is a hands-on position with the responsibility of leading the IT security initiative and participating in the selection and implementation of security solutions. The IT Security Manager is responsible for establishing an enterprise security stance through policy, architecture, and training processes. Tasks will include selecting and implementing appropriate security solutions and oversight of any vulnerability audits and assessments. The IT Security Manager is expected to interface with peers in the Systems and Network departments as well as with the leaders of the business units to both share the corporate security vision with those individuals and to solicit their involvement in achieving higher levels of enterprise security through information sharing and cooperation.

Responsibilities: 

• Strategy & Planning: Maintain and enhance security architecture, enforce security policies, and facilitate employee security awareness training.
• Risk and Compliance Management: Conduct risk assessments, lead compliance audits (e.g., HIPAA, SOC 2), and manage vendor risk to ensure third-party compliance.
• Operational Management: Oversee daily security operations, implement and maintain incident response plans, and lead investigations with post-incident reviews.
• Leadership and Collaboration: Collaborate with senior leadership on cybersecurity strategies, facilitate IT Compliance Board and Data Governance meetings, and ensure alignment through participation in the Architecture Review Board (ARB).
• Industry Awareness: Stay current on IT security trends, including new solutions, processes, and emerging threats.
• Solution Acquisition: Identify, select, and procure new or enhanced security solutions to strengthen enterprise security.
• Deployment and Integration: Oversee the deployment, integration, and configuration of new security solutions and enhancements, adhering to best practices and enterprise security standards.
• Data Protection: Ensure the confidentiality, integrity, and availability of data across enterprise systems and repositories.
• Policy Enforcement: Oversee compliance with enterprise security policies and documentation.
• Incident and Risk Management: Supervise investigations into security issues and oversee vulnerability assessments, penetration tests, and security audits.
• Employee Training: Conduct regular security awareness training to maintain high compliance levels.
• Collaboration: Maintain ongoing communication with Systems, Networking, and business groups to align on security goals and foster cooperation.
• Team Leadership: Directly supervise Information Security Analysts and Engineers.

Job Qualifications:           

• Education and Certifications: Bachelor's degree in IT, Cybersecurity, or related field (Master’s preferred) with strong preference for certifications like CISSP, CISM, CRISC, or CISA.
• Communication and Presentation: Excellent written, oral, and interpersonal communication skills; adept at presenting ideas in business- and user-friendly language.
• Analytical and Problem-Solving Skills: Proven ability to analyze and solve complex issues while prioritizing tasks effectively under pressure.
• Research and Detail-Oriented: Skilled in researching IT security issues and solutions, with a keen attention to detail.
• Collaboration and Motivation: Team-oriented, highly self-motivated, and effective in collaborative environments.
• Enterprise Security Expertise: Extensive experience in security architecture design, document creation, and employee security awareness training.
• Compliance and Continuity Planning: Skilled in developing Business Continuity and Disaster Recovery Plans, with experience in HIPAA/HITECH regulatory standards.
• Technical Knowledge: Proficient in vulnerability management tools, firewall configurations, IDS/IPS solutions, SIEM log correlation, and network protocols (IP, TCP/IP).
• Encryption and Best Practices: Familiar with encryption technologies and IT frameworks like ITIL and COBIT.
• Leadership and Project Management: Strong organizational skills, management experience, and expertise in leading security-focused projects.

Location: Onsite at Brooks Rehabilitation Hospital, 3599 University Blvd South, Jacksonville, FL 32216

Hours: Monday - Friday, 40 hour per week

Compensation: Experience and education may be considered along with internal equity when job offers are extended.

Thriving in a culture that you can be proud of, you will also receive many employee benefits such as the following: 

• Competitive Pay 
• Comprehensive Benefits package 
• Vacation/Paid Time Off
• Retirement Plan with Match
• Employee Discounts
• Education and Professional Development Programs