IT Security and Governance Manager - (DentaQuest) - Boston

JOB SUMMARY:

Responsible for the IT Security and Governance processes within the Information Technology (IT) Department.

JOB DUTIES AND RESPONSIBILITIES:

•	Ensures IT controls are in place or developed to satisfy audit and regulatory requirements and appropriately manage risk.

•	Monitors changing regulatory requirements and security threats and partners with internal stakeholders to update IT security policies and procedures as required.

•	Develops and maintains documentation and responds to information requests for internal and external audits, including but not limited to Division of Insurance (DOI), SAS 70/SSAE 16, annual financial audits and customer assessments. Follows up on open IT audit findings through closure.

•	Develops and maintains Disaster Recovery plans. Participates in DR exercises and documents test results.

•	Reviews security controls of key partners and vendors and reviews application security control design. Identifies and communicates risks and recommends effective and cost-appropriate risk mitigation.

•	Monitors IT security software industry and market trends, evaluates tools and methodologies, and recommends solutions.

•	Communicates updates and security awareness messages through formal and informal channels to internal audiences.

•	Represents DentaQuest’s information security program to external audiences.

•	Serves as a resource for peers and staff, providing security consulting, direction, support and mentoring in areas of expertise.

•	Other duties as assigned.

JOB REQUIREMENTS:

•	BS or equivalent and more than 10 years of work experience in an information security, disaster recovery management, and/or audit or control function, in which there are demonstrated progressive levels of responsibility, experience, and leadership.

•	Must have demonstrated expertise in IT Security, Disaster Recovery and Governance. Certification desired, such as CISSP, CISA, CISM, CBCP, or SANS GIAC.

•	Knowledge of HIPAA/Hi-Tech security and privacy requirements, CMR 201, state security breach laws and PCI standards.

•	Excellent verbal and written communication skills.

•	Effective organization, prioritization, negotiation and influencing skills.

PHYSICAL AND ENVIRONMENTAL CONDITIONS

•	Ability to work in a traditional professional office setting and operate a personal computer

•	Occasional overnight travel, in most cases by air.

•	Work schedule determined by project schedules.

Qualified applicacants should send a letter of interest and resume to DQVHR@dentaquest.com