Location: Chicago, IL
- We are currently seeking a Senior Vulnerability Assessment resource to help lead cybersecurity and vulnerability management efforts within our Health Information Technology department.
- Serve as a security subject matter expert for the vulnerability management program.
- Contributes to the development and execution of vulnerability assessments through technical leadership of initiatives and projects which will further enhance security posture.
- Proactively identify vulnerabilities and determine associated impact, severity and potential compensating or mitigating controls.
- Assess and advise on risk posed by identified vulnerabilities.
- Identify, through automated tools and manual procedures, internal and external vulnerabilities, and collaborate with owners and other subject matter experts to set the priority and to ensure remediation.
- Assist system owners and subject matter experts with root cause analysis and action plans to meet requirements.
- Provide vulnerability management-based expertise and guidance. Share practices and standards with peers on the cybersecurity team.
- Develop / Enhance cybersecurity and vulnerability management procedures.
- Serve as a cybersecurity expert and liaison to technical and operational leadership, helping to coordinate technical projects, security-related problem resolution, incident management, and investigations.
- Evaluate and understand complex and cutting edge security and cybersecurity technologies to facilitate integration and augmentation of current systems and affect defense-in-depth strategies.
- Evaluate organizational cyber resilience and inform the cybersecurity strategy and posture.
Additional Job Functions:
- Develop and improve metrics, and trending for vulnerability assessment functions.
- Work with existing solution vendors and outside consultants as necessary; identify potential solutions.
- Install and manage enterprise security applications and tools.
- Conduct risk assessments, document results, and propose and track remediation efforts.
- Create and maintain vulnerability reporting metrics.
- Support user and system audits.
- Mentor peers and provide educational/informational sessions to improve cybersecurity posture throughout the enterprise.
- Make recommendations for policy changes pertaining to information security to support continued cybersecurity maturation.
- Complete appropriate security documentation to comply with policies and meet internal and external auditor’s expectations.
- Promote the goals, expectations, and policies of the department and organization.
- Share on call production support with other members of the cybersecurity staff.
- At times, this may require resolving production problems or investigating incidents during off hours such as nights, weekends and holidays.
Our ideal candidate will have:
- CISSP or CEH certification is required.
- Minimum of a Bachelor’s degree is required.
- Minimum of 8 years developing and supporting cybersecurity and information security practices for information systems and applications at the enterprise level, preferably in healthcare.
- Minimum of 4 years of experience developing vulnerability management operations and reporting protocols.
- Expert understanding of security testing and vulnerability remediation.
- Excellent technical investigating and problem solving skills.
- Ability to work alone and in a team setting.
- Good verbal and written communication skills with a strong customer service orientation.
- Proven ability to create and execute project and test plans.
- Knowledge of healthcare applications, trends and industry standards a plus.