Information security administrator job description

Who We Are
Point32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and expertise to help people find their version of healthier living through a broad range of health plans and tools that make navigating health and wellbeing easier.

We enjoy the important work we do every day in service to our members, partners, colleagues and communities.

Job Summary
Working within the framework of established operating procedures, this position is accountable for the administration of client accounts and system data security. This position is also responsible for the creation and maintenance of administrative documentation and the training of new Security Administration staff.

Key Responsibilities/Duties - what you will be doing
Perform administration functions for file servers, application servers and mid-range systems.Ensure that all functions and tasks are completed accurately and are in accordance with established procedures and Service Level Agreements.As required, administratively assist in ISCSC and Desktop Support functions; ensure the delivery of high-quality service to customers.As required, participate on project teams and manage the completion of all assigned project related tasks.

Qualifications - what you need to perform the job
EDUCATION, CERTIFICATION AND LICENSURE:
Associate's degree or equivalent business experience is preferred.A Security+ certification is preferred.

EXPERIENCE (minimum years required):
Requires 1-2 years providing PC based hardware and software support and configuration.Experience with Unix and Windows 2012 or above operating system preferred.Experience with authentication and authorization is preferred Additional security, Microsoft Exchange, 365, Linux, Lotus Notes or HP/UX coursework or
experience is helpful.

SKILL REQUIREMENTS:
Requires analytical and technical ability to understand the managed care business and the ability to interact effectively with others for systems analysis purposes.Requires an understanding of the role of information systems within the business. Requires a conceptual understanding of current and emerging computer and networking technologies pertinent to the business and information systems.Requires that the individual be well organized while being readily adaptable to changes in a fast-paced environment.Must be able to work independently and to exercise appropriate judgment as necessary.Requires strong verbal communication skills to effectively impart information to end-users.Requires the ability to multitask.Requires good interpersonal skills to work and communicate effectively with management, the end-user community, IS department and various software vendors.Requires the ability to maintain productive interpersonal relationships.

WORKING CONDITIONS AND ADDITIONAL REQUIREMENTS (include special requirements, e.g., lifting, travel):
Must be able to work under normal office conditions and work from home as required.Work may require simultaneous use of a telephone/headset and PC/keyboard and sitting for extended durations.May be required to work additional hours beyond standard work schedule.Work may require simultaneous use of a telephone/headset and PC/keyboard and sitting for extended durations.May be required to work additional hours beyond standard work schedule.

Commitment to Diversity, Equity & Inclusion
Point32Health is committed to making diversity, equity, and inclusion part of everything we do-from product design to the workforce driving that innovation. Our DEI strategy is deeply connected to our core values and will evolve as the changing nature of work shifts. Programming, events, and an inclusion infrastructure play a role in how we spread cultural awareness, train people leaders on engaging with their teams and provide parameters on how to recruit and retain talented and dynamic talent. We welcome all applicants and qualified individuals, who will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

COVID Policy
Please note: As of January 18, 2022, all employees - including remote employees - must be fully vaccinated. This position will require the successful candidate to show proof of full vaccination against COVID-19. Point32Health is an equal opportunity employer, and will consider reasonable accommodation to those individuals who are unable to be vaccinated consistent with federal, state, and local law.

At Community West Bank, we put deposits to work locally, making loans to businesses, families and non-profit organizations. We are the largest publicly traded and only community bank headquartered and serving California's Central and South Coast area of Ventura, Santa Barbara and San Luis Obispo counties, with full-service branches in Goleta, Oxnard, Paso Robles, San Luis Obispo, Santa Barbara, Santa Maria, and Ventura. We were named one of the Central Coast Best Places to Work by the Pacific Coast Business Times, and we love working here and think you may too!

As an integral member of the Risk Management Department Community West Bank, this position will provide extraordinary customer service to our internal team members and external customers, exemplifying the Bank's values and our dedication to quality and service. This position will have direct responsibility as a Risk Management team member to assist in the accomplishment of the Department Business Plan goals and objectives. This position will elevate the team as a member of the Bank's high performance culture that emphasizes empowerment, quality, productivity, ethical standards, goal attainment and the ongoing development of CWB's vision to become the bank of choice, providing an unparalleled experience for our clients, employees, and community.
JOB OVERVIEW/PURPOSE
The Information Security Administrator is supports the planning, design and enforcement of information security risks, policies and guidelines, and performs comprehensive information security risk assessments. This position identifies, assesses and collaborates to mitigate information security related risks, and adjusts risk framework elements (policies, procedures, & technologies) to integrate them into the enterprise risk management program. This position ensures the Information Security Program is maintained. This position will partner with IT groups, business groups and project teams to perform security risk analysis for applications, infrastructure and data elements while also ensuring components meet business needs. Supports the Cybersecurity Program and the Cybersecurity Incident Response Team. Develops training and provides guidance on complex issues related to cybersecurity, information security and/or technology. Keeps current of new regulatory requirements and supports policies and procedures to ensure compliance and consistency. Researches, analyzes and recommends new cyber risk and information security technologies, procedures. This position performs all essential duties in compliance with regulatory requirements as well as Bank policies and procedures.
Essential Duties
* Maintains and enforces the information security and cybersecurity risk management frameworks/methodologies
* Maintains the Information Security Program and related Information Security Policies, Standards, and Reporting
* Contributes to the development of business unit strategy by providing a view on potential improvement for information security risk and compliance policies and procedures, including an assessment of the existing situation and anticipated changes in the external environment
* Develops and implements effective processes to identify, measure, report, track and remediate information security risk-related issues, inclusive of gap analyses and evaluation of new systems or processes
* Supports the Cybersecurity Incident Response Team: Reviews potential Intrusion Detection events, performs malware analysis, and assesses high severity security events; plans and initiates the response actions as required, and provides updates to management and the Board; coordinates incident investigation and remediation with internal and external resources
* Advises the CRO, ISO, management, and the Board regarding cybersecurity strategy to leverage new technology and cybersecurity frameworks
* Supports the management of the Bank's CAT (Cybersecurity Assessment Tool), makes recommendations in areas where the controls should be enhanced, or enacts changes within purview
* Reviews user access certifications to verify application entitlements are appropriate for each user's role and responsibilities
* Provides information security, risk management, technical advice, and counsel to the IT Department
* Supports IT security audits and external third-party assessments (e.g., penetration tests, social engineering assessments, targeted assessments) presenting results to the Audit Committee or the Board of Directors as applicable
* Supports the management of tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with the IT Manager / ISO. Recommends appropriate updates to standards, process and procedures as part of comprehensive remediation
* Serves as an advisor to the Information Technology Steering Committee and the Crisis Management Team
* Develops, provides and oversees information security and cybersecurity training for employees, and provides guidance, direction and education on these functions as well as the latest security strategies and technologies
* Manages the social engineering testing program for the Bank
* Acts as the project lead in strategic projects related to information security and/or cybersecurity as applicable
* Supports and maintains the Vendor Management program: Performs vendor initiation processes, analysis, gathers and assesses documentation, and reports to ISO and CRO.
* Meets response and resolution times as defined in Service Level Agreements and/or service requests, and follows established processes to meet service level commitments
* Completes all required regulatory training as assigned within deadlines established including BSA, Bank Security and any other training as assigned, within required timeframes and on an annual basis
* Cross trains in additional functions of the department
* Other duties and/or projects as assigned by supervisor
Community West Bank is an EEO/AA/Disability/Vets Employer. Reasonable Accommodations may be made to enable individuals with disabilities to perform the essential functions of this position.



* Bachelor's degree, or an equivalent combination of education, training and experience
* Minimum 5 years of related experience, preferably at a financial institution
* Understanding of Security Information and Event System (SIEM) solutions
* Advanced knowledge in information security and assurance practices
* Advanced knowledge of systems principles, architecture, design, analysis, and troubleshooting
* Advanced skills in network design and operation
* Experience with internal data security controls
* Experience with effective risk management practices and principals
* Experience with interpreting and assessing information security-related regulatory standards
* Ability to effectively comprehend and interpret Bank policies and procedures in the work environment
* Ability to work independently and collaborate effectively as a team member
* Ability to exercise good judgment in making decisions
* Ability to work under pressure, prioritize and meet deadlines
* Exceptional follow-through and attention to detail
* Exhibit high degree of professionalism in handling and having access to sensitive information, and protect and maintain that confidential information
* Excellent interpersonal skills to communicate effectively with a wide range of employees and customers.
* Ability to complete tasks within prescribed time frames
* Professional in appearance, and in verbal and written communication
* Proficient with: MS Word, Excel, Outlook, Internet, Visio

816 Camaron Street
Who We Are

Child Development Schools, dba Childcare Network, is the 4th largest owner/operator of childcare facilities in United States. It is a Glencoe Capital portfolio company and has grown rapidly and consistently via acquisition and new site development- the Company currently operates 265 schools across 11 states, but has ambitions to grow significantly more. Childcare Network is investing in key teams to support growth and enable key operational improvements.

Childcare Network is a leader in subsidy-based childcare, focused on underserved, lower-income families. The Company prides itself in its ability to deliver safe, high-quality, and affordable care and education to all children.

What We Offer

We offer a comprehensive benefits package that would be available to you as a valued employee.

Competitive pay, including incentive opportunities for many positions
Paid Time Off and Company holiday pay
Medical /Dental /Vision insurance plans
401(k) Retirement savings plan with company matching contributions
Training and career development opportunities

This is a hands-on position developing, implementing and administering information security procedures and processes and identifying and remediating risks for a growing company based in Austin, TX with more than 260 locations throughout the United States. This is a great opportunity for an Information Security professional with the proven ability to quickly understand business needs and apply information security standards to ensure the organization's information security while enabling proper use of our systems. You will work with a wide variety of users to learn what they need to do their job effectively while helping them to keep our information secure. Reporting to the VP of IT, you will work with other IT professionals and employees throughout the organization to ensure the security of the company's information.

• Must be familiar with NIST 800-171 and related information security standards
• Must have bachelor's degree in Information Security or closely related field
• Must have 5 or more years of relevant Information Security experience
• Hands on experience in writing, developing and implementing information security policies and procedures
• Knowledge of best practices for information security
• Ability to work with a wide variety of users to understand business needs
• Ability to balance business needs with information security requirements
• Proven ability to create documentation independently
• Ability to present technical information to non-technical users
• Ability to listen to non-technical users and understand and analyze issues
• Customer service oriented with a problem solving attitude
• The ideal candidate will be highly motivated, a self-starter, creative, able to work independently, possess a strong attention to detail and have a "can do" attitude
• Ability to work with minimal supervision and assistance

• Document and address organization's information security requirements
• Understand unique business requirements and how they affect information security
• Design, build and implement enterprise-class information security policies and processes
• Align standards, frameworks and security with overall business and technology strategy
• Work with key stakeholders to define appropriate levels of system access based on job roles and information security requirements
• Work with IT team to develop technology solutions that balance business requirements with information security requirements
• Perform security reviews with stakeholders throughout the organization, identifying gaps and develop and implement risk mitigation plan
• Audit systems, processes and users to ensure compliance with information security policies and procedures
• Works with departmental managers to ensure all department employees have appropriate systems access
• Ensure that vendor / partners' systems are consistent with information security requirements
• Analyze how new systems, vendors, applications, etc will impact information security
• Identify and communicate emerging security threats
• Triage incoming alerts and prioritize response and remediation of threats
• Create and analyze information security reports
• Recommend and implement new systems to improve information security compliance
• Work with wide range of users to ensure information security while meeting business needs
• Create training materials for a wide range of users to improve understanding of information security
• Performs and documents regular information security assessments to ensure procedures and processes are followed company wide

INDCN