Job Description
Who We Are:
Nonstop Administration and Insurance Services, Inc. is a fast-growing health insurance organization with a firm belief that everyone should have access to high-quality, affordable healthcare. We offer an employer-sponsored group health insurance solution called Nonstop Health™ to achieve this goal.
What Nonstop is Looking For:
Nonstop is seeking a Director of IT and Information Security committed to maintaining the highest cybersecurity standards, compliance, and data protection. This role demands a professional with several years of successful experience in IT and cybersecurity to support our continued growth and commitment to security. If you are an experienced leader in the IT field with a passion for cybersecurity, we would love for you to join our team.
Requirements
Key Responsibilities: These key responsibilities are crucial for maintaining the security and resilience of the Nonstop digital infrastructure and data assets. The ideal candidate will excel in these areas while also addressing the specific requirements outlined in the job posting.
- Cybersecurity Leadership: Lead the development and implementation of a comprehensive cybersecurity strategy to safeguard the Nonstop digital assets.
- Compliance: Ensure adherence to HIPAA and NYDFS compliance standards while leading the implementation of NIST 2.0 compliance requirements.
- IT Security Management: Oversee the management of IT security operations, including risk assessment, incident response, and vulnerability management.
- Internal IT System Management: Supervise our IT Manager and set strategic direction for the use of IT systems in the operation of the various work-from-home teams at Nonstop.
- Vendor Management: Oversee and optimize the relationships between Nonstop and external technology vendors or service providers.
- Data Analytics: Manage and collaborate with the data analytics team to ensure data security, privacy, and integrity, as well as create and maintain a process that enables this team to serve all departments of Nonstop on an ongoing, consultative basis.
- Technology Proficiency: Demonstrate cybersecurity knowledge in AWS cloud framework, Google Workspace, JAMF, Hyperproof, and other relevant tools to optimize our security infrastructure.
- Standard Director Responsibilities: In addition to the specific duties mentioned above, the successful candidate for the Director of IT role at Nonstop will be responsible for the following standard director/managerial duties:
- Policy Development and Enforcement: Develop, implement, and enforce Information Security policies, procedures, and standards to mitigate risks and ensure compliance with industry regulations and best practices.
- Risk Management: Identify, assess, and manage security risks across the organization. This includes conducting risk assessments, establishing risk management frameworks, and ensuring the organization's risk tolerance aligns with its business goals.
- Security Awareness Training: Develop and deliver security awareness and training programs to educate employees about security threats, best practices, and their role in safeguarding company data.
- Incident Response and Management: Lead the incident response team in the event of security breaches or incidents. Develop incident response plans, coordinate responses, and ensure timely resolution while minimizing damage.
- Vendor and Third-Party Risk Management: Evaluate and manage the security risks associated with third-party vendors and partners. Ensure that vendors adhere to Nonstop's security and compliance requirements.
- Security Audits and Assessments: Collaborate with internal and external auditors to assess and validate the effectiveness of security controls, compliance with regulations, and alignment with best practices.
- Security Technology Evaluation: Stay current with emerging security technologies and evaluate their effectiveness in enhancing the organization's security posture. Recommend and implement tools and solutions that align with Nonstop's security strategy.
- Security Metrics and Reporting: Establish key security performance indicators (KPIs) and report on the state of the company's security to executive leadership and stakeholders regularly.
- Budget Management: Develop and manage the cybersecurity budget, ensuring that resources are allocated effectively to support security initiatives and projects.
- Compliance Monitoring: Keep abreast of changes in regulatory requirements and ensure that Nonstop remains in compliance with all applicable laws and regulations related to Information Security.
Required Skills, Experience, and Education:
- Bachelor’s Degree
- 5 to 7+ years of experience in a similar senior position within IT and Information Security
- Strong understanding of HIPAA, NYDFS, and NIST 2.0 cybersecurity compliance standards.
- Proficiency in AWS cloud framework, Google Workspace, JAMF, Hyperproof, and other relevant technologies.
- Excellent leadership and communication skills.
- Experience driving change and creating a culture of security within the organization.
- Proven successful leadership experience in a senior IT role or a similar senior security leadership position
Perks and Compensation:
- Full-time/Salary/Exempt position.
- Salary Range $155,000 to $165,000
- Fully remote position.
- Competitive pay rate commensurate with experience.
- 401(k) plan participation with employer-matched contributions.
- Cellular and Internet Reimbursement.
- Full medical, dental, and vision benefits with 100% employer-paid premiums.
- Education Reimbursement.
Physical Requirements:
- Prolonged periods each day sitting at a desk and working on a computer.
- Repetitive use of fingers, hands, elbows, and arms including typing, reaching, grasping, and writing.
- Ability to occasionally lift, carry, push, and pull 5-30 pounds.
- Hearing and speaking ability sufficient to carry on a conversation with another individual (or groups of individuals) in person and over the telephone and video communication.
- Visual ability sufficient to read and produce printed material and information displayed on a computer screen.
Nonstop provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.