As the #1 advisor for developing and empowering people to deliver the highest quality care, HealthStream’s brands include best-in-class apps, software, and specialized solutions. Over the last 30+ years, our Company has remained committed to solving big problems and growing into new product lines. We are constantly innovating and finding new ways to positively impact healthcare organizations.
What does our values-based culture offer you?
A collaborative work environment
A mission-oriented mindset
Work-from-home flexibility
A chance to grow your career
All our HealthStreamers share a common vision: to improve the quality of healthcare by developing the people who deliver care. For over 30 years, we have remained committed to providing effective solutions through innovation and constant growth. Today, we offer a unified suite of products to streamline scheduling, credentialing, training and learning management, workforce development, and other key areas in the healthcare industry. We provide recurring value and, as a HealthStreamer, you will be at the forefront of healthcare technology innovation!
We offer work-from-home flexibility as part of our hybrid workplace policy. Our three Resource Centers (located in Nashville, TN; Boulder, CO; and San Diego, CA) are available for scheduled in-person events or assigned workspaces for those who want to work in the office. Remote team members also have access to flexible space scheduling for occasional use.
We encourage collaboration and commit to growth for our entire team. Our thriving culture allows our team members to continuously solve big problems, and we value these contributions. If you want to work for a company committed to its values and vision, HealthStream is the place for you!
We make sure patients receive competent care from qualified people. As a HealthStream team member, you would help this vision come to life. We pride ourselves on being a community where you can both build your career and take time away to fulfill your life goals and commitments.
Your Role As a HealthStreamer
Position Summary
Under the direction of the Senior Director Information Security, the Sr. ManagerThreat and Vulnerability Manager is responsible for overseeing the design and implementation of all facets of HealthStream’s TVM program. Primary role will be supporting the duties of the Information Security Department, specifically vulnerability scanning and monitoring, and mentoring security analysts/admins/engineers to increase security knowledge and skills. Candidate should be familiar with fundamental concepts of security architecture and design, identity management, risk assessment, compliance, application security and security awareness training. Will provide guidance for the governance, risk, and compliance (GRC) and Application Security teams as needed.
Essential Duties and Responsibilities
You will be responsible for adhering to all HeathStream security policies, procedures, and assigned training.
Expected to assist in projects, conduct vulnerability assessments and represent the logical and physical security interests for HealthStream’s information systems and electronic information assets in a variety of settings.
QualificationsWhat You Will Need to be Successful
Education, Experience and Knowledge Required
Manages day to day security operations including monitoring of all security tools and response to all security threats
Manages security projects/architecture to ensure appropriate security levels for organization and maintains functionality and operation for business
Drives security initiatives and goals to completion through identifying security champions, developing relationships and building formal programs to promote information security in other departments and teams
Participates in developing, recommending, and delivering information security training
Participates in the development of an Information Security Program and Security Operations Procedures
Participates in development of security strategy for the organization
You will play a key role in building and maintaining this culture as our organization grows
Single point of contact for all security issues – needs to be able to provide leadership across multiple environments
Security Controls & Risk Management – Ability to work with teams across the organization and 3rd parties to deliver results
Data Protection – work closely with operations and development teams to implement and maintain appropriate security controls
Incident Management – managing potential data breaches and presenting incident reports to senior leadership
Participate in maturing the Threat and Vulnerability Risk Management Program
Project Management on various security projects such as conducting scans on applications, or converting applications to SSO/ESO/MFA, or executing third party audits and penetration tests
Thought leadership – Review security policies and standards and suggest improvements
Skills and Abilities Required
Ability to identify and assess complex problems for area of responsibility and create solutions in situations that require in-depth analysis and knowledge of organizational objectives
Ability to keep up to date with the latest security trends
Understand company policies and standards and be able to translate to business users
Leadership skills to allow the individual to interact well with customer leadership, as well as internal leadership
Ability to interface with customers and suppliers via strong written and verbal communications skills
Excellent organization/time management and problem-solving skills
Project Management Skills
Minimum of 7 years of experience in a technology / security related position
3 years' management experience leading teams
Experience working with compliance frameworks and SIEM (Security Information and Event Management) systems
Comprehensive knowledge of compliance frameworks such as Sarbanes-Oxley, PCI, or ISO. HITRUST knowledge is a plus.
Comprehensive knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices
Comprehensive technical knowledge of network, PC, and platform operating systems, including Cisco, Microsoft, and Linux
Advanced ability to conduct research into security issues, standards, and products as required
Advanced ability to work on Information Security sponsored projects, which includes providing necessary documentation, establishing and meeting timelines
Advanced ability to promote Security Awareness training
Advanced ability to create and/or maintain documentation including policies, procedures, security awareness tips, and compliance reports
Benefits
HealthStream offers a comprehensive benefits package to eligible employees, including:
Medical, Dental and Vision insurance
Paid Time Off
Parental Leave
401k and Roth
Flexible Spending Account
Health Savings Account
Life Insurance
Short- and Long-Term Disability
Medical Bridge Insurance
Critical Illness Insurance
Accident Insurance
Identity Protection
Legal Protection
Pet Insurance
Employee Assistance Program
Fitness Reimbursement
If you have a passion for improving healthcare outcomes and empowering healthcare workers, come join the HealthStream team! We hope you join us and be a HealthStreamer!