Information Security Engineer (IT -- Managed Care)
Information Security Professionals -- are you looking for a rewarding new position with an industry leader with a firm commitment to its employees? Join our team at MultiPlan! Founded in 1980, we are the industry's most comprehensive provider of healthcare cost management solutions. We have almost 1,000,000 healthcare providers under contract, an estimated 70 million consumers accessing our network products, and 45 million claims reduced through our network and non-network solutions each year.
We are currently seeking an experienced Information Security Engineer to work in our New York City office. We offer competitive compensation and fantastic benefits, as well as a collegial workplace in a business-casual dress environment. You'll also find plenty of options for professional development and advancement with us. If this sounds like the kind of career move you've been wanting to make, and if you meet our qualifications, we want to talk with you!
As an Information Security Engineer, you will protect the organization's computers, networks, and data against internal and external threats while ensuring continual confidentiality, integrity and availability of organizational assets. You will continually monitor the organization's security operations, incident response efforts leveraging offensive and defensive tool sets while ensuring compliance with all relevant internal control processes and related security and privacy laws and regulations.
Your specific duties in this role will include:
1. Collaborate amongst risk management and other technical groups to lead design, development and implementation of information security and risk management policies, standard operating procedures, standards and best practices that fully satisfy established goals while remaining in line with organizational initiatives.
2. Advise senior management on security-related components of the organization's Machine Learning and AI User Based Analytics Program, its Governance Risk and Compliance Program as well as the suite of offensive and defensive tools (e.g. Splunk, Nexpose, CrowdStrike).
3. Participate in the development and maintenance of relationships amongst various business functions including but not limited to internal audit, client account management and third party auditors. Participate in the audit and review of assigned business processes to evaluate adequacy of controls within IT. Utilize audit findings to make appropriate recommendations for the correction of weaknesses within processes and procedures that support the continual improvement in operational procedures.
4. Design and implement the organization's continuous monitoring program to ensure thorough monitoring of the organization's digital security footprint.
5. Collaborate amongst peers to ensure that all security tools and technologies are maintained at an acceptable level.
6. Lead threat management and security incident response efforts.
7. Identify, collaborate, coordinate and communicate opportunities to strengthen IT security throughout the organization.
8. Collaborate, coordinate, and communicate across disciplines and departments.
9. Ensure compliance with HIPAA, HITRUST, SOC 1 Type II, AUP, NIST and other regulations and requirements.
10. This role is empowered to make technology decisions and contribute to the annual budgeting cycles.
11. Demonstrate Company's Core Competencies and values held within.
12. The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications maybe required and/or assigned as necessary.