VP of Information Securitying Specialist

Zotec Partners is the undisputed leader in revenue cycle and practice management, offering the best technology, service and expertise for hospital-based physicians and physician groups. Our world-class learning organization attracts, engages and retains top talent in order to provide measureable results for our clients and their patients.

The Vice President of Information Security is responsible for establishing and implementing the corporate strategy and goals, policies and procedures, and security controls for information security at Zotec Partners. This includes the recommendation of Information Security investments and procedures to mitigate risks, strengthen defenses and reduce IT related vulnerabilities. This is a hands-on position and will work closely with other business groups and stakeholders, including all technical teams, Compliance and Legal, to ultimately ensure the protection of information and assets including data, systems, databases, networks and other resources **Primary Responsibilities:** * The responsibilities of this position include, but are not limited to: * Provide subject matter expertise to executive management on a broad range of information security standards, best practices and compliance requirements, specifically related to healthcare. * Provide education and advisement to IT and business executives as needed on information and security risk and compliance issues as well as appropriate mitigation strategies and approaches. * In conjunction with other internal stakeholders; develop, implement, enforce, and monitor a strategic and comprehensive enterprise information security risk and compliance management program. * Work closely with the IT, Development and Security functions to develop, and maintain policies, standards, processes, and procedures to assess, monitor, report, escalate and remediate risk and compliance issues in relation to IT. * Work to communicate and ensure compliance with organization security policies and standards; proactively work with other departments and the field to implement practices that meet needed standards for information security. * Perform or source IT risk assessments, audits, and security incident investigations. * Collaborate with EVP of Compliance to ensure regulatory compliance (e.g. HIPAA, PCI, SOC2). * Ensure all application projects consider IT security implications and that information security risks have been identified and addressed during the development stages. * Stay abreast of trends and advances in IT information security solutions and monitor changes that may affect information security. * Other duties and responsibilities as assigned.

The successful candidate will possess these traits and skills: * Demonstrates excellent professional judgment: an ability to make good decisions in a fast paced, high change environment; an ability to identify and address core issues vs. symptoms * Rapid and self-motivated learner * Ability and willingness to effectively challenge assumptions to drive better approaches * Ability to explain, document and present information security risks in a clear, concise and understandable manner * Ability to effectively work at both a strategic and a hands on tactical level * Demonstrates understanding of technological trends and developments in the areas of information security, risk management, web architectures and cloud computing * Extensive knowledge and experience in Information Security, both technical and organizational requirements * Experience in regulatory compliance as well as organizational quality and control standards (e.g. HIPAA, PCI, SOC2) * Experience in Information Security strategy development and deployment * Active in information security industry groups and forums * Bachelor’s degree in Computer Science, IT, Engineering or a related discipline * Minimum 10+ years of hands-on experience within the information security field and 5+ years of management experience in an information security role in healthcare