Head of Information Security

To ensure compliance with relevant standards such as HIPAA/HITECH, ISO 27001, PCI-DSS, and other auditing authorities (internal and external):

Develop audit plans and schedules for monitoring performance of information security controls, personnel and plans.

Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.

Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.

Ensure compliance with information security responsibilities specific to your job role.

Organize and control information security audits for assigned projects.

Arrange and liaise Audit visits by contacting Department Heads of concerned area and external Surveillance Auditors.

Finalize Internal Information Security Audit reports by validating and assessing audit findings in consultation with the Audit team, Information Security Manager and Department Heads.

Conduct Risk Analysis and Assessment IT Governance.

Work with the business units to ensure the achievement and maintenance of appropriate security controls.

Assess IT control elements to mitigate IT risks regarding confidentiality, availability and integrity of client information.

Perform analysis of application and network security needs and contribute to design, integration, and installation of hardware and software.

Maintain and administer perimeter security systems such as firewalls and intrusion detection systems.

Must have knowledge about hacking techniques and remediation for all old/new vulnerabilities.

Implement and act in accordance with MTBC's information security and privacy policies.

Skills & Tools:Knowledge of Information Security Management System. Preliminary awareness of IT Risk Management, IT Security Audit and Compliance (ISO 27001, PCIDSS, and HIPAA).#J-18808-Ljbffr