Description:
The IT Security Specialist is responsible for installing, configuring, and maintaining security software designed to prevent external attacks on the company’s internal network. They monitor the company’s network for any breaches or vulnerabilities, devising plans to reinforce security as necessary.
Regular full-time position, includes benefits.
Essential Duties:
Ensures that security updates are up to date across all systems in the organization.
Performs network tests and firewall testing, creating patches or implementing new protocols as needed.
Monitors security administration to ensure best practices are followed.
Establishes connections with complementary departments (e.g., Compliance) to ensure adherence to security protocols.
Analyzes network systems and structures to ensure the most secure approach is being used.
Ensures that security tools are functioning properly across company networks and devices.
Investigates emerging threats and safeguards that can protect sensitive data, private, and confidential information.
Protects the organization’s digital system.
Develops systems for specialized security requirements based on the company’s specific needs.
Optimizes systems to ensure the network supports and responds to business needs and operations.
Identifies and presents findings, reports, and solutions to upper management.
Studies devices and implements the best security protocols for mobile phones, tablets, laptops, and other technological equipment.
Assists in maintaining compliance with internal and external audits, such as SOC, HIPAA, Risk Assessments, among others.
Evaluates the effectiveness of existing security measures, such as firewalls, password policies, intrusion detection systems, intrusion prevention systems, and annual internal/external penetration assessments.
Leads the response effort to safeguard remaining data, determines how the event occurred, and recovers data as much as possible to minimize financial loss and work disruption in case of a breach or attack.
Reviews diagnostics and assesses the functionality and efficiency of system security.
Assesses the organization’s infrastructure and data to identify vulnerabilities caused by weaknesses or flaws in software and hardware that could expose the infrastructure to an internal/external security breach.
Develops IT security policies that establish varying levels of access to corporate applications, systems, and data, while providing a formalized set of cybersecurity rules.
Develops, reviews, and implements cybersecurity training and awareness programs to help each employee learn how to protect data information.
Reviews new system security products, such as firewalls, antivirus software, and software to protect the network from internal/external attacks.
Monitors system security across all corporate networks.
Supports and operates automated system security testing tools for web, mobile, and cloud applications to identify security risks and recommend appropriate controls to mitigate findings.
Ensures confidentiality and compliance with all state and federal regulations applicable to Health Call Centers, including HIPAA and the internal policy for disposing of confidential material.
Immediately notifies any exposure of Protected Health Information to the supervisor.
Complies with essential and functional training, and all procedures established by regulatory agencies, contractual requirements, and any applicable certification standards (including but not limited to URAC, among others).
Performs other related duties as assigned.
Requirements:
Bachelor’s degree in Computer Science, Cybersecurity and Information Assurance, Network Operations and Security, or a related area.
Minimum of three (3) years of experience in System Security in the Health Industry.
Critical thinking and analytical skills to identify and diagnose threats.
Problem-solving skills to develop effective procedures and plans.
Extensive knowledge of compliance laws and regulations within the Health Industry, cloud application services, and the software design cycle.
Strong knowledge in all types of IT security: Network security, Internet security, Endpoint security, Cloud security, and Application security. Forti Analyzer, Fortinet (Firewall), Forti APs, and Sophos antivirus management console.
Knowledge of Cloud Telephony Infrastructure (AWS).
Knowledge of virtualization (VMware, KVM, AWS) and cloud services concepts is a plus.
Knowledge of Scrum and agile software development methodologies is a plus.
Excellent analytical skills, time, and priority management.
Fully bilingual (English and Spanish) with excellent verbal and written communication skills to write reports, train staff, and collaborate with other IT members and interdepartmental teams.
Multitasking skills to complete other tasks while monitoring data systems.
What are the benefits of being part of our Health team?
Regular contract
Health plan and life insurance
Retirement plan
Paid leave benefits
In-service training, regulatory aspects, and health training
24/7 telemedicine service
Free health and wellness programs for employees
Growth and development opportunities
Contributing to the health and well-being of the population
Job Type: Full-time
Work Location: Remote - Hybrid in Guaynabo or Mayagüez PR (Requires fully on-site training period)
EQUAL OPPORTUNITY EMPLOYER - (EEOC)