Information Security Director

View Company Profile
View all jobs from this company

<< Go back

Post Date: Mar 07, 2019
Job Type: Full-time
Start Date: - n/a -
Compensation: - n/a -
Location: US - Tennessee - Nashville
Reference: - n/a -
    Email Job to a Friend
    Save Job to Inbox
    Printer Friendly


Who is Qualifacts?

Qualifacts Systems, Inc. is a 5-time honoree on the Inc. 5000 list, making us one of the top behavioral health EHR providers on this exclusive ranking of the nation's fastest-growing private companies. As part of the team you will focus on what is important to get the best from yourself and your co-workers in an open, evolving, and supportive environment guided by values of integrity, compassion, collaboration, passion, and accountability. Join us in making a meaningful impact in the lives of our customers and the people they serve!


Job Summary

The Director of Information Security is responsible for protecting Qualifacts’ computers, networks, and data against threats, such as security breaches, computer viruses or attacks by cyber-criminals.  This role provides the enterprise with a clear understanding of the challenges of information security that Qualifacts must face and the leadership (analytical and problem-solving) to define the strategy and plans to address these challenges. The individual in this role will work closely with our Legal & Compliance Director and across all levels of the organization in identifying and implementing appropriate security measures. The role requires someone extremely hand's on, highly collaborative and willing to dig into the details to envision and implement security solutions in partnership with other QSI IT Professionals, QSI Business Departments, and 3rd Party organizations.


Primary Responsibilities

  • Assess the organization’s security measures, such as firewalls, anti-virus software, and passwords, to identify any weak points that might make information systems vulnerable to attack. Lead both internal and 3rd party tests of all security measures and solutions. 
  • Prioritize security coverage to ensure that data receives the highest levels of protection.
  • Develop information security policies, procedures, and practices which meet published industry standards.   The position will be responsible for ensuring compliance with this published governance standards through internal audit and 3rd party verification.
    Establish procedures and automated processes to monitor the status of computers and networks which are employed by QSI IT Operations and 3rd Parties.  Respond to any notification from 3rd Party or via internal monitoring system detecting unusual patterns of behavior.  Lead any efforts which are in response to threats, incidents or material breaches in partnership with internal QSI departments and 3rd Party organizations.
  • Identify, sponsor and provide oversight for all security lead initiatives within QSI.  The manager will be a driving stakeholder on numerous initiatives, as well as, a subject matter expert on others.
  • Provide leadership, supervisory management and mentorship to direct report (s) and any dotted line staff
  • Support Sales, Marketing and other departments regarding information and security initiatives/roadmaps which materially support their organizations.
  • Participate in prospect and customer briefings and opportunities. 


Key Qualifications

  • Bachelor’s degree in Information Technology or Computer Science from an accredited college or university or equivalent work experience
  • 5+ years in progressively sophisticated roles in information security, coupled with demonstrable experience in various Cybersecurity domains, including risk management, compliance, security strategy, security engineering, and/ or operations
  • 3+ years developing security programs by reviewing existing programs; conducting comprehensive reviews of threats; evaluating and analyzing relevant data points.
  • 3+ years architecting and designing security solutions (SIEM, IDS, etc.).
  • 3+ years developing Information Security Policies, Procedures, and Practices
  • 3+ years formulating executive level recommendations related to Information Security strategy
  • Demonstrated experience developing incident response plans and procedures, and advise clients on steps to achieve incident response readiness (logging and monitoring configurations, triage and escalation procedures, wider stakeholder liaison, etc.)
  • Demonstrated experience in assessing IT network and security architectures as they relate to managing identities and access privileges, delegated administration models, workflow and access control models
  • Demonstrated understanding with the current regulatory environment and related implications to security management compliance
  • The position requires a strong, diverse technical background and truly exceptional oral and written communications skills

  • The candidate must demonstrate proven success in working in a team as well as independently and exhibit follow-through to understand root causes of issues

  • This position requires handling multiple engagements with overlapping deadlines. A demonstrated ability to write clear, coherent and precise reports on a multiplicity of complex technical issues is essential

  • A collaborative approach is a must, as well as the ability to effectively communicate with a wide range of technical and non-technical personnel


Additional Preferred Qualifications

  • 10+ years related information security experience
  • Security certifications (CISSP, CISA, CISM, GIAC, OSCP) a plus
  • MBA preferred
  • Experience negotiating vendor contracts
  • Experience presenting to executive