Director Infrastructure and Security (Healthcare IT & HITRUST)

Infrastructure & IT Operations:

• Leading management of Azure cloud computing resources colocated data center and office sites onpremises virtualized server platforms and networks focusing on high performance scalability and cost optimization.
• Design and implement robust resiliency strategies ensuring business continuity aligned with industry best practices to ensure client SLA compliance
• Manage relationships with vendors negotiate contracts and implement solutions to maximize infrastructure value.
• Direct the planning and execution of hardware and software upgrades balancing innovation with cost control.

Security & Compliance Management:

• Establish and enforce policies that protect infrastructure sensitive data and maintain compliance with healthcare industry security regulations frameworks and standards (HIPAA HITRUST SOC2 NIST).
• Conduct regular assessments patch management and vulnerability scans to mitigate risks in a budgetconscious manner.
• Lead efforts in preparing for external audits managing information security incidents and ensuring effective compliance with regulatory standards.
• Support initiatives to secure sensitive healthcare data in compliance with federal and state laws and client contracts.
• Conduct periodic independent risk assessments and manage thirdparty audits such as for HIPAA compliance SOC2 and HITRUST certification/recertification.
• Implement security procedures ensure workforce awareness and educate staff about security best practices and policies.
• Manage the selection and deployment of essential security applications and tools such as Sophos Antimalware Qualys Penetration Testing ManageEngine Log360 Application Manager AD Audit Plus and Endpoint Central etc. to ensure comprehensive protection across infrastructure.
• Advise on security capabilities and lead practices for mitigation of vulnerabilities and emerging threats identified through internal scans testing and security agency bulletins (e.g. US CERT CISA) ensuring proactive response to risks.

Strategic IT Policy & Governance:

• Drive policies for infrastructure management security frameworks and system access ensuring alignment with SpectraMedixs goals and industry best practices.
• Provide input on IT infrastructure investments prioritizing scalable and costeffective solutions that align with longterm organizational needs.
• Review records of information system activity such as audit logs access reports and security incident tracking ensuring continuous improvement.

Leadership & Collaboration:

• Manage and mentor teams including Network/System Engineers Administrators and Security Analysts fostering a culture of continuous improvement and technical excellence.
• Performs workforce management functions for Infrastructure & Security department including setting departmental and individual objectives and key results performance reviews etc.
• Act as a key liaison supporting IT and security initiatives with leadership system/data owners SaaS application managers project managers as well as client executives.
• Collaborates with Sales Team to define infrastructure and security requirements and estimated costs for proposals RFPs and client SOWs and change requests.
• Oversee security policies compliance programs and collaborate with security champions across departments to cultivate a strong security culture within the organization.
• Support facility planning regarding physical security disaster recovery and infrastructure resilience planning for business continuity.
• Direct activities of IT security and ensure compliance with security standards and frameworks (NIST 80053 SOC2 HITRUST).

Qualifications :

• Minimum of 10 years in IT infrastructure and security management preferably in healthcare IT or population health with a strong record of managing cloud and onpremises infrastructure regulatory compliance and performance optimization.
• Proven experience in leading security compliance efforts (HIPAA HITRUST SOC2) and implementing disaster recovery and business continuity plans.
• Extensive knowledge of network and data security systems including firewalls encryption and monitoring tools (e.g. FortiGate ManageEngine). Advanced skills in systems and network administration (Windows Server Linux) virtualization (HyperV VMware) and hybrid cloud platforms (Azure preferred) with a focus on costeffective secure operations.
• Knowledgeable and experienced with cybersecurity practices including incident response vulnerability assessment and threat mitigation.
• Strong understanding of federal and state healthcare data protection laws with practical skills in audit readiness and compliance.
• Skilled in analyzing and enhancing IT security through risk assessments and external security audits.
   

Educational Qualification: Bachelors or Masters in Computers / Information technology or related discipline

Certifications:

• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM)
• IT Infrastructure Library (ITIL) certification for service management or similar certifications.
• Cloud certifications (e.g. Microsoft Certified: Azure Fundamentals AZ900 or AZ500 for securityfocused roles).

Additional Information :

All your information will be kept confidential according to EEO guidelines.

Remote Work :

No

Employment Type :

Fulltime