Information Security Principal

We are seeking a highly skilled Information Security Principal to join our dynamic team. The ideal candidate will have a deep understanding of security principles and practices, along with a strong background in designing, implementing, and maintaining secure systems and networks. The Information Security Principal will work closely with IT, development, and business teams to ensure that security controls are integrated into all aspects of our organization’s operations and technological infrastructure.

 

TASKS AND RESPONSIBILITIES:

• Design and implement robust security architectures for various IT projects, ensuring compliance with industry standards and regulations, such as NIST and HITRUST.
• Design and Architecture: Responsible for evaluation and selection of security technologies and the ability to effectively scorecard and create a process around this.
• Collaborate with IT and development teams to integrate security controls into software development lifecycles, cloud, and infrastructure projects.
• Threat Intelligence: Stay abreast of emerging threats and vulnerabilities. Utilize threat intelligence to enhance our defensive strategies and incident response capabilities.
• Provide guidance and training for staff on security standards, policies, and best practices.
• Security Incident Investigation: Conduct thorough investigations of security incidents to determine root causes and implement corrective actions to prevent recurrence.
• Collaboration and Communication: Collaborate effectively with cross-functional teams, including IT, compliance, legal, and executive leadership, to align security initiatives with business objectives.
• Information Security: Responsible for infrastructure specific security as well as cyber, including network security and infrastructure security, including servers and storage.
• Continuous Improvement: Lead initiatives to continuously improve security operations and enhance our overall security posture. Identify opportunities for automation and optimization.

 

SKILLS|EXPERIENCE:

• 8+ years of experience in cybersecurity, with 3+ years in a security architecture role.
• Strong knowledge of security frameworks (NIST, HITRUST) and regulatory requirements (HIPAA, HITECH).
• Proficiency in cloud security (GCP, Azure), network segmentation, and identity management.
• Knowledge of software development practices and secure coding principles.
• Familiarity with DevSecOps practices and tools.
• Experience with incident response and forensic investigations.
• Understanding of data privacy regulations and compliance requirements