Manager, Security Architecture
Positions available in Dallas, St. Louis and Montvale
- Define information security controls and patterns that support risk assessments and support the development of secure architectures
- Provide technical security expertise to teams’ solutions including communicating security architectural decisions, benefits, and risks
- Collaborate with technology architecture teams by performing security analysis of proposed architectures, providing risk assessment feedback, including security requirements
- Provide security consulting services internally to the organization by giving security guidance and functioning as an information security subject matter professional
- Draft information security standards and baselines
- Interact with project teams to provide advice on security and assist with compensating control alternatives where security requirements cannot be met
- Minimum five years of progressive security architecture experience; preferably within a professional services firm or similar environment
- Bachelor’s degree from an accredited college or university; Preferred certifications in CISSP, (ISC)2 CCSP, CSA CCSK, MCSE: Cloud Platform and Infrastructure, AWS Certified Solutions Architect
- Technical experience with one or more of the following areas: identity management, Active Directory, Intrusion Detection/Prevention and NGFW (Sourcefire, Palo Alto), endpoint protection (Symantec, Bit 9), cloud infrastructure (Azure, AWS), web application firewalls (Imperva)
- Experience designing and implementing secure architecture and reference architectures: from business requirements gathering to technology rollout oversight, including capacity management, definition of scoring methodologies for technology selection, integration of multiple tools and reporting functionalities, technical documentation
- US citizenship required
Manager, IT Risk Assessment
Positions available in Dallas, St. Louis and Montvale
- Perform information security risk assessments of technology enabled projects; activities include vendor reviews, security requirement definition, facilitation of security testing and management of residual risk
- Advise and guide project teams regarding compensating control alternatives where security requirements cannot be met
- Act as the primary point of contact between IT project teams and IT Security groups to help ensure that appropriate security resources are scheduled and that security-related project objectives and timelines are met
- Perform Vendor Security assessments activities include evaluation of vendor controls and practices, process enhancements, performing on site assessments, reviewing security test reports, and analyzing and developing security requirements
- Communicate and track remediation plans with vendors and IT teams and where applicable recommend mitigating/compensating controls
- Five years of experience performing IT security risk assessments and experience in Information Security
- Bachelor’s degree from an accredited college or university; must have CISSP and CCSP certifications
- Demonstrated experience understanding of security principles, IT security controls, and related technologies and products
- Prior experience in conducting Information Security risk assessments
- Strong verbal/written communication, with ability to effectively interact with individuals at all levels of responsibility and authority; must be able to prioritize, delegate, and foster the development of high performance teams to lead/support an environment driven by customer service and team work
- Strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously; ability to participate in resource planning processes based on defined organizational plans
Position available in New York City
- Conduct internal auditing activity focused on health sciences areas. (i.e., Manhattan, Valhalla, Bayshore, Winthrop – Long Island, California, and Nevada).
- Provide value added audit services that support management goals and objectives.
Under the guidance of the, responsibilities include but are not limited to:
- Perform basic professional auditing of Health Science Division operations and applies internal audit standards in conduct of work. Work involves interpreting policies, procedures, statutes, and regulations; reviewing and evaluating records; writing and solving problems
- Conduct the Health Sciences related projects from the annual audit plan, as approved, including as appropriate any special tasks or projects requested by management.
- Assist in the investigation of significant suspected fraudulent activities within the Health Science Division and notify management of the results.
- Perform risk-based and compliance audits of the Heath Care control environment and share results with management.
- Actively participate with management in defining business risks associated with major systems implementations, new business processes, new regulations or other change management events to support risk mitigation strategies, relating to Health Care.
- Develop relationships with management team specifically related to Health Sciences. Educate the community on critical issues using various methodologies (training, brochures, opening meetings, risk assessment meetings etc.) and promote change management controls.
- Conduct non-health care audits, as assigned by the.
- Assist in preparing and presenting reports to the management team and audit committees.
Education, Preparation, and Training
- Bachelor or Master’s degree in Accounting from an accredited college
- Thorough knowledge and understanding of Generally Accepted Accounting Principles, Auditing Standards and Regulatory Standards for the Health Science domain.
- Knowledge of Audit Command Language (ACL)
- Extensive Use of Computers
- Extensive time sitting and standing
- Able to lift up to 5 lbs.
- Proficiency with Excel and other Microsoft Office programs.
- Tableau experience desired
- 10-25% travel to the various offices.
- The position will be located at the Westchester Campus approximately 60% of the time and 40% of the time NYC.
- Minimum of eight years performing financial and/or control audits with a concentration of experience in a large hospital/healthcare system or Academic Medical Center
- Substantial knowledge of healthcare management financial and information systems including Electronic Health Records, as well as third-party reimbursement and regulatory issues is required.
- Ability to both work independently, with limited required direction and guidance, and be a trusted advisor in a complex academic organization.
- Strong verbal and written communication skills, to effectively present to peers and management.
- Demonstrated knowledge of the IIA Standards for the Professional Practice of Internal Auditing as developed by the Institute of Internal Audit.
- Understanding of internal auditing standards, Committee of Sponsoring Organizations (COSO) framework and risk assessment practices.
- Understanding of the technical aspects of accounting, financial reporting and information technology.
- Experience in performing multiple projects and working with varying team members.
- Discretion in dealing with confidential information.
Data Quality Analyst
Position available in New York City
- Mine and analyze large datasets, draw valid inferences and present them to management
- Manipulate, analyze and interpret complex data sets
- Monitor and audit data quality; produce and track key performance indicators
- Create data dashboards, graphs and visualizations
- Identify areas to increase efficiency and automation of processes
- Set up and maintain automated data processes
- Identify, evaluate and implement external services and tools to support data validation and cleansing
- Develop and support reporting processes
- Liaise with internal clients to fully understand data content
- Gather, understand and document detailed business requirements using appropriate tools and techniques
- Prepare reports using business analytics reporting tools
- A bachelor’s degree one of the following areas:
- Business information systems
- Computer science
- Information management
- At least 3 years work experience in data analysis
- Work experience in the financial services industry or consulting
- Previous experience in structured finance, risk aggregation reporting or credit analysis is a strong plus.
- Excellent numerical and analytical skills
- Knowledge of data analysis tools
- Familiarity with relational databases, NoSQL databases, and open-source analytics
- Knowledge of data modelling, data cleansing, and data enrichment techniques
- Ability to carry out data quality control, validation and linkage
- Understanding of data protection issues and data governance concepts
- Experience of statistical methodologies and data analysis techniques
- Ability to produce clear graphical representations and data visualizations
- Good presentation and writing skills
- VBA and SQL Server – understanding of Oracle / SQL Developer
- Business intelligence and analytics platforms -, especially QlikView,
- Programming for data and analytics
Cloud Engineer, Intermediate
Positions available in New York City and Chicago
Seeking an Intermediate Cloud Engineer to join the Cloud Engineering team within IT Infrastructure Group. The team is responsible for Cloud Engineering, Architecture, Security and Telemetry. This includes managing Infrastructure as a Service (IaaS) on Amazon Web Services and partnering with teams such as Development and DevOps to modernize infrastructure and application deployments.
Adopted a “cloud first” mentality and has moved many workloads to Amazon Web Services. Is seeking an Intermediate Cloud Engineer to provision new environments on AWS including writing CloudFormation templates and Chef cookbooks for zero touch deployment. This position will also be responsible for the ongoing development of other infrastructure automation tools and think of new ways to secure our environments across Group.
- Develop and maintain infrastructure automation tools
- Partner with DevOps to build and manage a CI/CD framework
- Execute on security best practices for cloud deployments
- Gain a working knowledge of our applications and work with Development to make them more cloud friendly and horizontally scalable
- Ensure system security through industry best practices
- Implement telemetry to improve reliability and availability
The candidate must possess the following skills, experiences and qualities:
- A minimum of 2 years of experience with AWS services such as EC2, S3, VPC, CloudFormation, Route53, ELB, Lambda, API Gateway, RDS, etc.
- A minimum of 5 years of experience working with Linux, Apache and Java environments at enterprise scale
- Experience with Chef
- Ability to script using PHP, Python, Ruby and/or Java
- Solid knowledge of cloud security and best practices
- Good working knowledge of Windows platforms
- Solid background in network, storage and DNS services
- Strong interpersonal, written and verbal communication skills
- Strong problem solving and analytical skills
- Demonstrated ability to work well on collaborative, cross-functional teams. Solid interpersonal skills with ability to work effectively with people of all levels of information technology expertise with a wide range of constituencies and organizational relationships
- Understanding of Project Management tools, techniques and methodologies including agile
- Bachelor’s Degree in Computer Science or relevant work experience preferred