InfoMC is a fast-paced, growing company which provides collaborative healthcare process management technology to improve the quality, cost and value of care. At InfoMC, we believe that it is possible to directly improve care through technology, and provide state of the art capabilities that improve care coordination of chronic illness and wellness. Our solution provides process management software to the commercial and public sector markets, for use in managed behavioral healthcare, disease management, and EAP/Work-Life. Our member centric approach offers integrated technology solutions that enhance interaction between payers, providers and consumers.
The SecOps Engineer is a member of the Technology Operations team and will provide support and enhancements to InfoMC’s information security programs, including our regulatory compliance and security certifications, such as HITRUST and MARS-E. You will work closely with the Product and Development teams to successfully evaluate code-bases for secure practices and work to tighten security in our applications and implementations to prevent data breaches. The SecOps Engineer will automate the monitoring of existing data integrations, applications, and onboarding of future clients to ensure best engineering security practices and standards are upheld. Our healthcare-focused business requires stringent adherence to security policies, procedures, and controls. We expect you are well-versed in a healthcare environment with a focus on the confidentiality, integrity, and availability of client information.
The successful candidate will have a history of repeatedly delivering sustainable solutions that are as simple as they are elegant. You are a constant-learner and strive to set a great example for the team where developing and contributing to a healthy, positive culture is important to you. You are serious about your work and your career and get satisfaction from working on a team that compliments and supports each other.
Duties and Responsibilities:
- Assess InfoMC’s current security framework and future architecture and provide recommendations for risk reduction.
- Contribute to the development, implementation, monitoring, auditing, and maintenance of the information security strategies, policies, and procedures.
- Design and evangelize automated security capabilities in support of DevOps processes.
- Serve as a security expert in application development, database and micro service design, container and/or virtual machine technologies, helping teams comply with information security policies, HIPAA regulations, and best practices.
- Analyze business impact and exposure, based on emerging security threats, vulnerabilities and risks.
- Communicate security risks and mitigations to business partners and product teams.
- Monitor security industry trends, developments and emerging threats including sharing insight with wider team and customers where appropriate.
- Perform security design reviews for infrastructure systems.
- Work with the executive leadership team and HR to enforce security policies.
- Document and communicate security configurations.
- Work with external vendors performing security-related tasks, such as penetration tests.
- Administer security-related infrastructure, applications and cloud services.
- Provide 24/7 on-call support for security issues.
- Strong experience with cloud provider ecosystems, including Amazon AWS, Microsoft Azure etc.
- 3+ years of experience scripting with languages such as PowerShell, Ruby, Python, etc.
- 3+ Experience with security strategy, with a passion to make security realistic, achievable and integrated into the business processes.
- 3+ years of good understanding of security management solutions including IDS, IPS, SIEM, DLP, MDM, WAF, FIM, vulnerability Scanners, and traditional network and host-based firewalls.
- 3+ years of experience implementing continued compliance.
- 3+ years of experience with HITRUST and HIPAA data privacy practices and regulations.
- Solid interpersonal, written, and oral communication skills and ability to effectively work in an agile team
- Local Candidates ONLY – Conshohocken, PA (Suburb of Philadelphia Metro Area)
- Authorized to work in the United States. No sponsorship provided by Company.
Highlighted benefits for being a Team member:
InfoMC is an equal opportunity employer with a generous compensation plan
- Excellent earning potential with qualifying annual bonuses
- Health, Dental and Vision Plan
- Weekly in-office yoga classes
- Weekly lunch (1x) provided, fresh fruit, dry snacks available daily
- Life insurance, short- and long-term disability
- 401(k) retirement savings plan
- Paid holidays and vacation
- Gym on premises
- Community volunteering opportunities
- Conveniently located in the heart of Conshohocken, PA, near the 130-mile Schuylkill River Trail; adjacent to the Conshohocken train station for SEPTA Regional Rail Line
Local Candidates ONLY – Conshohocken, PA (Suburb of Philadelphia Metro Area). Authorized to work in the United States. No sponsorship provided by Company.
Please send resume to: email@example.com