Lead Specialist, IT Security

at American College of Surgeons in Chicago, Illinois, United States

Job Description


About the American College of Surgeons
The American College of Surgeons (ACS) is a professional and educational organization of surgeons that was founded in 1913 to raise the standards of surgical practice and improve the quality of care for surgical patients. The College is dedicated to the ethical and competent practice of surgery. Its achievements have significantly influenced the course of scientific surgery in America and have established it as an important advocate for all surgical patients. The College has more than 90,000 members and is the largest organization of surgeons in the world. For more information, visit
Summary: The Lead Specialist, IT Security is responsible for ensuring the security and integrity of the College's IT posture across all locations, including Washington DC and Chicago. This role involves managing and supporting the security of servers, storage, backups, Internet connectivity, security protocols, and related IT components, both on-site and in the cloud. The Security Lead role will collaborate with the infrastructure teams to resolve complex support issues, maintain both wired and wireless networks, and stay abreast of industry security trends. This individual will also be tasked with identifying and implementing strategic security upgrades to enhance the College's IT environment, thereby ensuring the protection of critical business operations. This position is responsible for working with internal and external partners and auditors to ensure that the College is following all security controls.
This exempt position oversees a security analyst and reports to the Chief Information Officer in the Division of Information Technology.
Risk Management and Assessment Example Responsibilities: work with appropriate partners to conduct comprehensive risk assessments to identify potential vulnerabilities and threats; develop and implement risk mitigation strategies to reduce the likelihood and impact of security incidents; perform regular security audits and reviews to ensure compliance with security policies and standards; and utilize risk management frameworks such as NIST to guide security practices.

Security Operations and Monitoring Example Responsibilities: oversee the implementation and management of security monitoring tools such as SIEM (Security Information and Event Management) systems; analyze security logs and alerts to identify potential security incidents and ensure timely response; manage and maintain security infrastructure including firewalls, intrusion detection/prevention systems, and antivirus solutions; ensure continuous monitoring and improvement of the organization's security posture.

Compliance and Governance Example Responsibilities: ensure compliance with relevant regulations and standards such as GDPR, HIPAA, PCI-DSS.; develop and enforce security policies, procedures, and standards in alignment with organizational objectives; conduct regular security awareness training for employees to promote a culture of security; and prepare and present compliance reports to senior management and regulatory bodies as required.

Security Architecture and Design Example Responsibilities: collaborate with IT and business teams to design and implement secure system architectures; provide security guidance and best practices during the development and deployment of new applications and technologies; conduct security reviews and assessments of new and existing systems to identify and address security vulnerabilities; and develop and maintain secure coding standards and practices for software development teams.

Threat Intelligence and Vulnerability Management Example Responsibilities: monitor and analyze threat intelligence feeds to stay informed about emerging threats and vulnerabilities; conduct regular vulnerability assessments and penetration tests to identify weaknesses in the organization's security posture; work with IT teams to prioritize and remediate identified vulnerabilities in a timely manner; and develop and implement proactive measures to protect against advanced persistent threats (APTs) and other sophisticated attacks.

Incident Response and Management Example Responsibilities: develop, maintain, and execute incident response plans to effectively address security breaches and incidents; lead the investigation and analysis of security incidents to determine root causes and implement corrective actions; coordinate with internal... For full info follow application link.

Equal Opportunity Employer of Minorities, Females, Protected Veterans,
and Individuals with Disabilities
•All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, or national origin. We are also an equal opportunity employer of individuals with disabilities and protected veterans. 
•Please view Equal Employment Opportunity Posters provided by OFCCP  here.

Copy Link

Job Posting: 11977823

Posted On: Jun 14, 2024

Updated On: Jul 10, 2024

Please Wait ...