Overview

Welcome to EPSi

EPSi is the industry leader in integrated financial decision support, budgeting, and planning solutions for the healthcare industry.
More than 900 hospitals in the U.S., including nine of the top 10 rated hospitals, 128 IDN systems, and 40 global academic facilities rely on EPSi for data-driven insight into managing costs and improving their long-range financial performance.
Do you want to make a difference? Are you ready to shape your future into an exciting career? Do you want to work in an exciting environment that will enable you to use your passion, experience, and skills to help change healthcare for the better? With the right team, anything is possible.
The talent of our team is what has made us a leader in healthcare budgeting and decision support.
We hire the best people, and help them grow professionally, ensuring a bright future for our teams and our clients.
The Senior Manager of Information Security is responsible for ensuring the confidentiality, integrity, and availability of EPSi's systems and information.
The Senior Manager will lead teams responsible for key security functional area(s) across the organization to reduce risk and support high quality, secure availability and accessibility in accordance with corporate policies.
Position Overview: The role includes maturation and maintenance of information security policies, establishing governance programs, leading risk assessments, and reporting on activity and metrics.
Having experience with HIPAA, Protected Health Information (PHI), and other regulatory and industry frameworks is required.
Experience with security protocols, tools and processes for hosting secure applications in AWS is a foundational requirement for this role.
This leadership role will also participate in the development, implementation and ongoing compliance monitoring of information privacy requirements and responsibilities in vendor contracts and agreements.
This role will include the need to develop and maintain a program that informs the business unit and functional group leadership of the top security risks and overall security health of their organizations.
There will be a component for direct interaction with Sales and Customers, including customer contract review, RFP response, and customer audit facilitation.
Responsibilities
- Design and develop security architectures for cloud and cloud/hybrid-based systems, as well as endpoint and network protection
- Establish a security baseline and coordinate scheduled security tests and certifications
- Lead and manage security audit processes
- Design controls and ensure they are adhered to as a collaborative business partner within Engineering Leadership
- Lead and manage key governance components including relevant regulatory and contractual compliance, policy and security awareness and training
- Defend the business by building and implementing security processes and procedures in order to protect and respond to risk
- Promote responsible behavior by improving the culture internally to ensure all staff are protecting against possible security incidents
- Continuous improvement by ensuring security updates are implemented as and when necessary

Qualifications

Academic and Professional Qualifications:
- Bachelor's degree in security or relevant technical experience
- Security related certificates such as CISSP/CISM/CRISC/CISA/CCNA etc.
Experience:
- At least 7 years of experience in information security with proven management and leadership experience.
- Significant knowledge and experience in all facets of information security risk management, security awareness training programs, business continuity and disaster recovery, third-party risk management, information security metrics/KPIs/KRIs.
- Experience with ISO 27001, HIPAA, SOC 1, and SOC 2 implementations
- Knowledge of industry standard risk management and compliance frameworks (HIPAA, NIST CSF, ISO 27001/2, PCI, etc.)
- Proven leadership skills
- Experience with intrusion protection and detection systems
- Previous experience in the financial industry or healthcare a plus
- Previous facilitation of Static/Dynamic code scanning, and experience with SAML

Travel requirements: Travel requirements up to 10%

Working arrangements: Monday through Friday or as defined by assignment requirements

EPSi is a stand-alone brand, fully owned by Allscripts, with its own C-level and senior leadership.
When you work for EPSi, you get the advantages and benefits of working with a large, public company with the innovative culture and direction of a small, nimble company.
At Allscripts, our greatest strength comes from bringing together talented people with diverse perspectives to support the technology needs of 180,000 physicians, 1,500 hospitals and 10,000 post-acute organizations across the globe.
Allscripts offers a comprehensive compensation and benefits package, including holidays, vacation, medical, dental, and vision insurance, company paid life insurance and retirement savings.
Allscripts policy is to provide equal employment opportunity and affirmative action in all of its employment practices without regard to race, color, religion, sex, national origin, ancestry, marital status, protected veteran status, age, individuals with disabilities, sexual orientation or gender identity or expression or any other legally protected category.
Applicants for North American based positions with Allscripts must be legally authorized to work in the United States or Canada.
Verification of employment eligibility will be required as a condition of hire.
From a "VEVRAA Federal Contractor": We request Priority Referral of Protected Veterans.

Provided by Dice