Information Security Specialist, VSP Vision Care

VSP - Rancho Cordova, CA (30+ days ago)3.8

Full-time

VSP Global is comprised of five complementary businesses that combine high-quality eye care insurance, high-fashion eyewear, customized lenses, ophthalmic technology and retail solutions, with employees in over 23 countries. No matter the role, we’re all focused on a singular mission: to help people see. Learn more by visiting https://vspglobal.com/cms/careers/

General Summary

Under the supervision of the Information Security Manager, act as a subject matter expert concerning complex information security technology, topics and issues. Perform technical and complex duties in the areas of security management, risk management, incident management, vulnerability management, information security program and technology implementations.

Essential Functions

Provide expertise in defining, evaluating and recommending/implementing information security controls and technology to ensure the protection of the organization’s assets

Conduct security project meetings to identify gaps, and recommend security enhancements to ensure security requirements are integrated and implemented

Work closely with the Architecture, Infrastructure and Technology teams to review existing architecture, identify gaps, and recommend security enhancements

Recommend, validate, maintain and implement information security policies, standards, guidelines and procedures to ensure compliance with the Information Security Program

Conduct detailed risk analysis and risk assessment to identify, mitigate and control risks to infrastructure, information systems and data

Assist in third party evaluations to ensure that their technology environment appropriately protects shared data, that contracts have the appropriate security requirements, and that those requirements are met through regular audits and assessments.

Respond to client security audit requests and ensures that the organization meets client requirements.

Monitors changes in current threats and looks at trends for future threat analysis in order to alert the team against current and future threats

Resolve issues that requires the team’s attention

Perform security incident management practices to ensure all incidents are diagnosed, logged, escalated, and closed to its final resolution.

Job Specifications

Typically has the following skills or abilities:

Bachelor’s Degree in Computer Science or related field or equivalent experience

Minimum 5 years of hands-on technical information security experience

Advanced knowledge of security principles and technologies

2+ years hands-on experience designing and implementing a variety of security solutions and technologies

Experience with risk and threat assessment methodologies

Ability to weigh business needs against risk concerns and articulate issues to business leaders

Experience implementing security controls to comply with various IT regulatory compliance requirements such as HIPAA and PCI as well as various standards including ISO 27001

Progressive skills and ability to identify and analyze security vulnerabilities

Experience performing network and application security penetration testing and/or vulnerability management, interpreting results and remediating findings

Ability to interact with personnel at all levels of the organization and interpret business initiatives

Excellent written and verbal communication skills

Ability to regularly exercise discretion and independent judgment in the performance of his/her job duties

Preferred Skills

CISSP or equivalent SANS GIAC certifications strongly desired

Experience with risk and threat assessment methodologies

Understanding of security controls required to comply with various IT regulatory compliance requirements such as HIPAA and PCI as well as various standards including ISO 27001

Security skills related to the identification and analysis security vulnerabilities

Experience performing network and application security penetration testing and/or vulnerability management, interpreting results and remediating findings

Ability to interact with personnel at all levels of the organization and interpret business initiatives

Working Conditions / Physical Demands

The working environment is generally favorable. Lighting and temperature are adequate, and there are no hazardous or unpleasant conditions caused by noise, dust etc.

The above information in this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted as a comprehensive inventory of all duties, responsibilities and qualifications required of employees assigned to this job.

VSP Global is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to gender, race, color, religion, sex, national origin, gender identity, sexual orientation, disability or protected veteran status. We maintain a drug-free workplace and perform pre-employment substance abuse testing.

Nearest Major Market: Sacramento
Job Segment: Ophthalmic, Information Security, Risk Management, Information Systems, Computer Science, Healthcare, Technology, Finance