- Medical, dental, vision, and life insurance benefits are available from the first day of employment
- Excellent work/life balance
- 401(k) with employer match
- Flexible PTO
- 12 paid holidays
- Remote work depending on the role
- Career growth opportunities
- Incentive plans depending on the role
- Computers and necessary work equipment are provided
- Manage high-visibility and mission-critical infrastructure security upgrade projects.
- Delegating and prioritizing work, setting goals, developing and managing performance for the Security Analyst.
- Involve with various committees to include but not limit to Revecore’s Compliance Committee.
- Inform management and staff of Information Security and cybersecurity risks and the role of staff in protecting information via training and presentations.
- Prepare reports on security activities and metrics to provide to the VP of IT infrastructure and the CTO.
- Proactively present emerging topics prior to them becoming issues and/or concerns.
- Manage the security awareness program and conduct test simulation periodically.
- Engage with third parties for effective third-party management practices including third-party risk management.
- Monitoring and detection of third-party risks and/or issues (e.g. poor security practices or contract expiration)
- Conduct and manage application security & risk assessments including client security, questionnaires and assessments.
- Identify, and monitor security vulnerabilities and outbreaks of security risks.
- Work with management in the lines of business to understand the flows of information, the risks to that information, and the best ways to protect the information.
- Implement the Information Security / Cybersecurity strategy and objectives including strategies as directed by the VCISO, to monitor metrics & reports and manage current and emerging risks.
- Mange the organization's risk register, manage and monitor IT Risk Acceptances.
- Updating and enhancing IS Policy and supporting procedures.
- Create and maintain an up-to-date security calendar.
- Review backup logs and ensure continuous air gapped backups.
- Assist with SOC II audits and drive the completion of audit responses and tasks.
- Conduct daily reviews of operational tasks.
- Provide operational guidance for ongoing security initiatives.
- Investigate, properly track and document incident reports
- Proven experience implementing and/or growing a security program.
- Active CISSP certification or on-track to receive it is required for this role.
- Strong knowledge of Cybersecurity Regulations and Information Security best practices.
- Developing reports and recommendations to be presented to senior leadership.
- Experience leading, managing, and developing Security Operations talent.
- Extra credit if you have experience with SOC II audits and HIPPA compliance and best practices.
- Strong analytical and problem-solving skills with immense attention to details and capability to identify issues and/or improvements.
- Excellent writing and communication skills (including reading and writing).
- Strong work ethic, positive attitude, and a sense of ownership.
- Ability to travel up to 10% as required.
- A quiet, distraction-free environment to work from in your home.
- A secure home internet connection with speeds >20 Mbps for downloads and >10 Mbps for uploads is required.
- The workspace area accommodates all workstation equipment and related materials and provides adequate surface area to be productive.
We believe that a diverse workforce fosters innovation and creativity, enriches our culture, and enables us to better serve the needs of our clients and communities. We welcome and encourage individuals of all backgrounds, perspectives, and abilities to apply.