Spherion has partnered with a fast growing organization in the healthcare space seeking an experienced IT Security Manager to join their team. This position provides recommendations and provides day to day direction for the Information Security Program through the use of policy, procedures, appropriate technical controls, and the guiding of the resources within the Information Security team as well as resources outside of the Information Security team in order to reduce risk, and protect the confidentiality, integrity, and availability of information systems in support of its mission to provide quality health care. Working closely with Security Officer and Privacy department, to ensure the best possible information security technology safeguards, threat management, and incident response capabilities are in place. This is an immediate direct hire opportunity!Responsibilities:- Develop and maintain a comprehensive healthcare IT security risk mitigation report.- Conduct annual SRA Risk Mitigation Report.- Conduct annual PCI Compliance Report.- Network scan e.g., Nessus- Manage cybersecurity, SRA, PCI and HIT Security processes to ensure regulatory compliance.- Manage IT Security Analysis for implementation of security mitigation activities.- Rate risks using a defined and documented process to ascertain a probability, impact, and combined score for each risk. The risk and impact analysis must take into consideration the special nature of healthcare operations.- Develop mitigation strategies for each identified risk and ensure that these strategies are followed.- Coordinate activities of all staff during the security incident and documenting incident response. Participate in IT vendor evaluations to ensure that business associates meet regulatory requirements related to security and that controls are in place that mitigate any identified risks.Manage all security-based vendors used by MHC / MPG to specifically mitigate riskManage and facilitate all MHC / MPG IT security related audits.Ensure compliance with Health IT regulations such as NIST, HITRUST, HIPAA, HITECT and Others.Write policies and procedures related to MHC / MPG IT security operations as directed.Principal Editor of all MHC / MPG Security related policies and procedures.Support the MHC / MPG privacy office with issues related to regulatory compliance related to - confidentiality of MHC / MPG information assets and related investigations.Mobilize departmental or administrative support to address unresolved high-risk practices.Provide input or author articles for Shared Learning, newsletters, toolkits, manuals, and other types of written education.Manage the preparation of metrics and monthly reporting for MHC / MPG TIS and Executive Leadership.Conduct and document monthly testing of security systems, following through on any corrections/maintenance issues.Rate risks using a defined and documented process to ascertain a probability, impact, and combined score for each risk. The risk and impact analysis must take into consideration the special nature of healthcare operations.Develop mitigation strategies for each identified risk and ensure that these strategies are followed.Working hours: 8:00 AM - 5:00 PMSkills:- Language Skills - Ability to read and interpret documents such as safety rules, operating and maintenance instructions, and procedure manuals. Ability to write routine reports and correspondence. Ability to speak effectively before groups of customers or employees of organization.- Mathematical Skills - Advanced math skills are needed. - Reasoning Ability - Ability to apply common sense understanding to carry out detailed but uninvolved written or oral instructions. Ability to deal with problems involving a few concrete variables in standardized situations.- Computer Skills - To perform this job successfully, an individual should have knowledge of EMR software, Microsoft Excel Spreadsheet software and Microsoft Word Processing software.- Excellent written and verbal communication skillsEducation:BachelorsExperience:4-7 yearsQualifications:- Supervisory responsibility.- Bachelor's Degree in a related field or equivalent experience. - 5+ years in Healthcare IT required- 2+ years in IT security or risk management required- An in depth understanding of common IT and Healthcare IT security risks and mitigation strategies- Working knowledge of what a SOC-2 report is and how it applies to Health IT and Healthcare IT Business Associates- Detailed understanding of HIPAA, NIST, HITRUST and HITECH and related regulationsCertificates, Licenses, Registrations - CHPS and CHP or similar certification required (within 6 months of starting position). (ISC)2 certification of some type preferred.- A comprehensive understanding of standard IT infrastructure and administration practice- The ability to identify and quantify IT related risks and common mitigation strategies- An excellent understanding of common cryptographic processes such as TLS, RSA, SHA, MD5 what they are used for and how they are used to mitigate risk- Work independently with limited oversight. CHPS and CHP or similar certification required (within 6 months of starting position). (ISC)2 certification of some type preferred. Please apply with a current resume for immediate consideration!Spherion has helped thousands of people just like you find work happiness! Our experienced staff will listen carefully to your employment needs and then work diligently to match your skills and qualifications to the right job and company. No one works harder for you than Spherion. EEO Employer: Race, Religion, Color, National Origin, Citizenship, Sex, Sexual Orientation, Gender Identity, Age, Disability, Ancestry, Veteran Status, Genetic Information, Service in the Uniformed Services or any other classification protected by law.