The purpose of this position is to manage and perform core information security functions. This includes recommending and implementing security systems, policies, and procedures to ensure compliance with standards, including PCI, HIPAA, and GDPR. Responsibilities also include monitoring and responding to security events, and providing office-wide information security awareness training.
Monitor the security of all network systems. Recommend and implement additional security solutions or enhancements to ensure the confidentiality, integrity, and availability of ASHA data.
Perform risk assessments with business units, and develop incident response plans.
Lead incident response activities for all information security events, including data breaches and cyber attacks.
Supervise the design and execution of vulnerability assessments, penetration tests, and security audits.
Recommend and implement systems, policies, and procedures required for maintaining PCI, GDPR, and HIPAA compliance.
Create and maintain the Information Systems disaster recovery plan.
Maintain the association's Information Security Policy.
Develop and conduct security awareness training for all staff. Provide in-depth security training for network team staff.
Provide quarterly reports to upper management on the state of ASHA’s information security.
Qualifications
Knowledge Typically Acquired Through
Obtaining a bachelor's degree in Computer Science or Information Systems Management
Minimum of three years of related experience
Security certifications, such as CISSP, CISM, or GSEC
Scope and Depth of Technical Skills/Knowledge
Detailed knowledge of and experience with:
Implementing secured solutions for Microsoft Windows server and IIS environments.
Implementing secured solutions for managing desktops.
Implementing secured solutions for Cisco networking environments.
Managing Internet security technologies and protocols, including firewalls, intrusion prevention systems, and virus detection systems
Writing technical policies
Thorough understanding of:
Requirements for PCI certification
Security awareness topics
Scope and Depth of Non-Technical Skills/Knowledge
Strong teamwork skills
Ability to write clear and accurate user and technical documentation
Strong written and oral communication skills
Experience managing multiple, concurrent projects
Analytical problem-solving skills
Ability to quickly learn new software applications for evaluation purposes
Additional Salary Information: Salary Range (Non-Negotiable): $98,512 – $109,457
About American Speech-Language-Hearing Association
The American Speech-Language-Hearing Association is the professional, scientific, and credentialing association for 198,000 members and affiliates who are speech-language pathologists, audiologists, and speech, language, and hearing scientists in the United States and internationally.