We build our culture one hire at a time. Our tireless pursuit of providing our partners with world-class management solutions starts with talking to you. Our goal is simple. We want to build great teams that can help our partners focus on delivering exceptional eye care: the kind of teams people want to be a part of, and the kind of teams our patients can't live without.
We want to learn more about you and the kind of team culture you can help us create. We're interested in your relevant skills and what you can do. We're even more interested in your positive attitude and flexible mindset.
THE OPPORTUNITY AT HAND
The Senior Security Engineer will work within Spectrum Vision's Information Technology organization to ensure the ongoing protection of the applications, systems, network, physical assets, and data of the company and that they are operated under continued alignment with Information Risk and Security policies, standards, and compliance requirements. This will be achieved by ensuring the security tools and processes designed to protect the company's data, systems, and network are working effectively together. This role is a technical engineering and operations position requiring superior technical design and process-building skills with the ability to advocate and influence positive transformation within the broader IT organization.
OUR EXPECTATIONS OF YOU
Must be able to identify and spotlight vulnerabilities on on-premises and remote networks (including cloud operating environments), correct problems, and prevent security breaches
Develop systems and processes for information risk and security leading practices throughout the company
requirements and select security technology through RFP / RFI processes
technical security standards aligned to Information Security policy and client requirements
Key Risk Indicators and Key Performance Indicators for Security Operations services; monitors for effectiveness and develops performance improvements when necessary.
and Maintain Security Incident Response capabilities and plans and Business Continuity plans
systems for potential vulnerabilities
of penetration testing, network security, and the techniques used to expose and correct security flaws
for proper management of patches to defray business impact while keeping security protocols up-to-date
computer networks and systems for threats and security breaches
security incident response and prepare reports on security incidents
maintains, and implements vendor security assessment plans and conducts vendor security reviews to ensure COMPANY security policies, standards, and external compliance requirements are being met
draft and development of vendor security related policies, standards, guidelines, procedures, and requirements
with other security organization members on cross-business / cross-functional opportunities
WHAT YOU'LL NEED TO SUCCEED
Bachelor's degree in related field
Must have a broad understanding of security technologies including but not limited to firewalls, vulnerability and compliance management solutions, logging and security incident and event management (SIEM) , secure access service edge (SASE) endpoint security, and cloud posture management, and cloud security
think creatively and innovatively about the information risk and security solutions that can keep data safe while still allowing a business to successful
have experience in working with regulations and compliance requirements including HIPAA, HITRUST, NIST CSF, ISO 2700x, SSAE-16 (SOC 1, SOC2, SOC3), EU Data Privacy and Security, Privacy Shield, and others
have experience in developing, executing, and maintaining Security audit plans, audit standards, and vendor security reviews
have experience in identifying cultural and educational requirements for a diverse population and effectively able communicate audit and technical concepts to them
are an excellent written and verbal communicator
proficient with Microsoft Office Suite (Word, Excel, Power Point)
highly collaborative with the ability to properly handle confidential information
work well independently and in a team environment, and work well in a matrix environment
able to multi-task, prioritize and meet deadlines
handle stress well and are comfortable in a high volume environment
have flexibility and willingness to participate in the work processes of an international organization, including conference calls scheduled to accommodate global time zones
Industry Certifications (Must be able to obtain one or more within 18 months if not currently certified):
Information Systems Auditor (CISA)
Information Systems Security Professional (CISSP)
in Risk and Information Systems Controls (CRISC)
Information Security Manager (CISM)
WHO WE ARE
We're a leading management services organization proudly serving ophthalmology practices and ambulatory surgery centers throughout the Mid-Atlantic and New England regions. We work tirelessly to provide our partners with access to world-class management solutions-including human resources, marketing and patient retention services, finance and accounting services, payroll management, and information technology-so our partners can focus on delivering exceptional eye care.
Our leadership team is composed of some of the most experienced individuals in the eye care business. Our senior management team has a combined 200 years of eye industry experience collaborating with some of the most recognized practices in the nation.
With nearly 1,400 employees, we support over 50 clinic locations, five state-licensed ambulatory surgery centers, and over 110 surgeons, doctors and other medical professionals. Our brands include OCLI Vision, Ophthalmic Consultants of Connecticut, Island Eye Surgicenter, New Vision Cataract Center and others.
At Spectrum Vision Partners we know that cultivating diversity and fostering an inclusive work environment is critical to our impact and success. We create an environment where no individual is advantaged or disadvantaged because of their background. We offer equal opportunity employment regardless of race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability status, age, marital status, or protected veteran status. With a commitment to maintaining a bias-free environment in which harassment is prohibited, we respect cultural diversity and comply with the laws of the places in which we operate. We expect our business partners, suppliers, clients, and all of our team members to uphold these commitments.