Curi is committed to helping physicians in medicine, business, and life. Founded in 1975, we were built on a promise: When doctors needed help, we would answer the call. Physicians’ needs have changed over the years, but our dedication to that promise has never wavered. From wealth management to medical malpractice insurance to well-being programs, we remain passionately curious about identifying ways to meet the ever-evolving needs of physicians and those who support them.
We’re looking for an experienced IT professional with strong communication and problem-solving skills, along with the ability to influence key business partners, to join us as an IT Security Manager. In this role, you will be responsible for the day-to-day security of Curi’s networks and systems. You will work closely with Curi’s IT team as well as compliance and security vendors to establish and maintain the necessary technical controls to protect Curi assets and data.
Reporting to the Director of IT Security and Operations, this individual will be responsible for identifying, evaluating, and remediating security vulnerabilities; auditing Curi’s cloud infrastructure and applications to validate adequate security monitoring and controls; and, investigating security incidents.
- Adhere to organization and department policies and goals
- Recommend department policy and operational changes to help streamline business operations
- Recommend changes to information security policies
- Conduct annual security awareness training and targeted security training
- Assist with incident response and investigations
- Research and inform stakeholders of latest IT security practices and current threats
- Manage IT security vendors who provide day-to-day operational security for Curi
- Act as the primary IT contact for regulatory audits and security assessments
- Develop and direct implementation of security standards and best practices for the organization
- Direct and/or participate in the installation and use of security tools (e.g., firewalls, DLP, email threat protection, AV tools, MDM)
- Analyze and assess vulnerabilities in the infrastructure (software, hardware, network, data, and cloud)
- Create and manage risk assessment reports
- Mentor others when needed
- Experience with IT Security Frameworks (e.g., NIST CSF)
- Experience or certification in cloud security, including experience with cloud security tools and products
- Understanding of cloud security best practices
- Experience executing projects in Agile environments (Kanban and Scrum)
- Ability to lead technical projects and integrations with internal and external platforms and partners, including architectural discussions and implementations, to ensure solutions are designed for successful deployment.
- Strong presentation, written, and verbal communication skills, including the ability to influence key business and technology partners
- Excellent problem-solving and interpersonal skills
- Ability to be creative, thoughtful, and critical
- Demonstrated expertise delivering technical solutions as per specified plans, deliverables, costs, and timelines—start to finish
- Ability to multitask and handle urgent interruptions with professionalism
- Bachelor’s degree in Computer Science or similar discipline, Masters preferred
- Certified Information Systems Security Professional (CISSP) required
- 8+ years’ experience in information security
- 4+ years’ personnel management experience, including management of outside vendors
- Experience in healthcare, insurance, or related field preferred