Manager, Information Security

The Manager, Information Security is responsible for the implementation of Coverys' information security strategy and policy and assisting in its development, with the goal of safeguarding the organization against threats, weaknesses and exploits. This role involves both oversite and getting "hands-on" working with the global security team and the wider business to implement and maintain best practice process and procedure alongside appropriate technology. The role will be instrumental in assisting the organization's plans to further mature its security practice through alignment to

NIST CSF 2.0.

The Manager, Information Technology must collaborate effectively with infrastructure and development teams to ensure that transformation activities incorporate relevant security and resilience standards and monitoring from the outset. Essential Duties & Responsibilities Security Strategy & Execution Partner closely with Head of Governance and Security to execute security strategy roadmap for Coverys Implement and execute IT and Information Security strategies that will improve the security and reliability of systems and data. Implement and update security, resilience and information governance standards and procedures as appropriate (using external benchmarks) and ensuring adherence to those standards to drive consistency of practice and organizational maturity. Oversee and develop an ongoing program of vulnerability and operational resilience management, including regular external testing. Work with internal audit to develop a plan for assurance of the effectiveness of the security, resilience and compliance of our services. Work closely with Compliance and Legal teams to ensure that we understand and have documented our regulatory obligations and that we maintain compliance with them Oversee the planning and execution of any security or resilience related external audits.

Security Operations:

Engage with transformation teams to ensure resilience and security are inherent to the delivery of those transformations and allocate the necessary resources. Oversee the benchmarking of our security delivery against

NIST CSF

2.0 and then develop a plan to increase our maturity from both a policy and practice perspective. Regularly review and hone the toolsets required to monitor for, protect from, and respond to cyber incidents. Ensure timely and viable incident response processes are in place. Reporting Ensure we collate and regularly report on security governance metrics to leadership. Accountable for key metrics that we will be establishing and maintaining for security operations progress. Team Management Oversee the activities of the team and ensure clarity of roles and appropriate allocation of resources. Ensure that we maintain and monitor a suite of staff training in relation to security awareness skills and required behaviors. Manage partners, stakeholders, vendors and third-party service or solutions providers of relevant IT Security services. Carry out supervisory responsibilities in accordance with the organization's policies and applicable laws. Responsibilities include interviewing, hiring, and training employees; planning, assigning, and directing work; appraising performance; rewarding and disciplining employees; addressing complaints and resolving problems. Support evolving business needs, as applicable. Education, Experience, Competencies & Values Bachelor's degree in Computer Science, Information Systems, or STEM subject from an accredited college/university, required. 5-8 years operational experience in information security within a regulated environment, required. 2-3 years experience in a supervisory role, required. Professional certification in information security, such as CISA, CRISC, CISSP or CISM, highly preferred. Experience in managing information security audits, required. Experience with information security within an environment that has regulatory requirements e.g. HIPAA, required. Strong technical skills, with experience of firewall technologies, vulnerability management and remediation across a variety of technology platforms, managing security in cloud environment. E.g. Azure, AWS, required. Excellent interpersonal and communication skills. Ability to communicate effectively and influence stakeholders to implement Information Security recommendations. Knowledge and experience of Firewalls, Identity Management, Managing Security in M365 and Azure, highly preferred required. Knowledge and experience of MS Purview, highly preferred. The base salary range for this role is $159,700 - $187,900. Individual compensation packages are based on a variety of factors that are unique to each candidate including geographic location, skill set, experience, qualifications and education. If you're a caring and customer focused individual who enjoys working with passionate team members, Coverys is the right company for you! They say an organization is only as good as its people. Here at Coverys, we believe that our employees are our most valuable asset. Each of our positions is thoughtfully crafted to ensure alignment with our mission, and every opportunity to join our team is an opportunity to support and protect the healthcare community. Our open positions offer you the chance to join a team of compassionate, dedicated, and resilient employees who are committed to becoming the best in the business. We are an organization committed to growth and professional development, keeping up to date with changes in the healthcare industry to ensure we're providing our insureds with the best possible support. All the while, we are committed to our employees and listen to the needs of our internal talent. Our benefits package is available day 1 of employment, so you never miss a beat. There is truly something for everyone in our benefits package, whether you are raising a family or a furry friend, or you're an avid traveler who uses PTO to chase down your next adventure. The important work done by Coverys employees is not limited to what's done at our desks. Throughout the year, we provide ample opportunities to get involved in our local communities. We get involved, we raise money, and we give back. Connecting with colleagues takes on new meaning when you're elbow-deep planting trees or rolling up your sleeves serving lunch to those in need. The giving doesn't end there—Coverys cares about the initiatives near and dear to your heart. That's why we offer directed donations, as well as company matchings, to support the organizations that you are personally involved with. Coverys is a dynamic organization, with opportunities to join our team across the US, as well as internationally in the UK and Ireland. Coverys is an equal-opportunity employer. Coverys' job openings are open to all without regard to race, color, national origin, gender, gender identity, religion, age, height, weight, disability, political beliefs, sexual orientation, marital status, family status, or veteran status.