Director of Information Technology & Cyber Security

Recruiter
DocGo
Location
New York
Salary
Competitive
Posted
23 Sep 2022
Closes
21 Oct 2022
Employer Sector
Technology, IT & Telecoms
Contract Type
Permanent
Hours
Full Time

Title: Director of IT & Cybersecurity

Location: DocGo HQ, 35 West 35th Street, New York, NY 10001

Employment Type: Full–Time

Benefits: Medical, Dental, and Vision (with company contribution), Paid Time Off, 401k

About DocGo

DocGo is transforming healthcare with peerless innovation and on–the–ground care. Our mobile workforce of thousands of full–time traveling clinicians and our proprietary, AI–powered software leverages robust medical record integrations to drastically improve patient outcomes. In our tireless pursuit of high–quality, highly affordable healthcare for all, DocGo makes the impossible possible. We're revolutionizing the delivery of healthcare and we need a Director of IT & Cybersecurity to join us!

Responsibilities:

  • Oversee the Service Desk Team, IT Projects Team, and Security Team

  • Analyze IT infrastructure and systems performance to assess operating costs, productivity levels, upgrade requirements, and other metrics or needs

  • Oversee all company technology operations nationally and evaluate them continuously based on the goals of the department

  • Maintain policies and systems supporting department strategies

  • Oversee the purchase of cost–effective equipment and software that meets the needs of a fast–paced organization

  • Identify areas of need for upgrades or remediation in company infrastructure

  • Act as the highest level of escalation for any technology need across the organization

  • Oversees security of endpoints, systems, networks, and organizational data

  • Lead IT security audits or investigations as they relate to ISO, HIPAA, PCI, SOX, and other standards as they relate to the organization

  • Develops and maintains relationships with external IT vendors and service providers

  • Develops, maintains, and publishes up–to–date security policies, standards, and guidelines. Oversees training and dissemination of security policies and practices

  • Provide strategic risk guidance for IT projects, including evaluation and recommendation of technical controls

  • Collaborate with the compliance team and engineering teams as needed

  • Evaluates new cybersecurity threats and IT trends and develops effective security controls

  • Oversees development of security awareness programs

  • Develops and oversees effective disaster recovery policies and standards to align with company business continuity management program goals. Coordinates development of implementation plans and procedures to ensure business critical services are recovered in the event of disasters or other incidents, and provides direction, support, and in–house consulting in these areas.

  • Evaluates potential security breaches, coordinates response, and recommend corrective actions.

  • Provides project management and leadership to staff and external resources in support

  • of established goals and objectives, improved efficiencies, and problem resolution

Required Qualifications:

  • Bachelor's Degree in Computer Science, IT, or related field preferred

  • Certified Information Systems Security Professional (CISSP)

  • Understanding of or certification in Information Technology Infrastructure Library (ITIL)

  • 9+ Years in an IT role, ideally both IT and Cybersecurity

  • 4+ Years in a management position

  • Strong, hands–on, troubleshooting skills and working knowledge as it relates to IT infrastructure (e.g Endpoints, switching, routing, firewalls, software, SaaS applications, cloud infrastructure)

  • Demonstrated management skills, e.g., budget development and administration, policy development and implementation, personnel administration, staff training and development.

  • Experience with incident detection, response management, and forensics

  • Experience with security platforms such as firewalls, SIEMs, EDR/XDR, MDM, NACs, DLP, pen testing tools and distributions – Functional use and maintenance

  • Has a led a team of any size preferably in technology and cybersecurity related projects

  • Experience being the POC or Lead in audit related activity

  • Experience with vulnerability detection, testing, and mitigation (emphasis on testing)

  • Scripting experience in Python, JS, and Powershell

  • Experience with and strong knowledge of IT and Security infrastructure architecture – Functional use and maintenance (e.g. Architecting, implementing, maintaining)

  • Experience with managing compliance such as HIPAA, PCI, SOC, or ISO

  • Experience in policy technical writing

  • Strong understanding of the NIST CSF or CISA Cyber Framework and best practices

  • Strong attention to detail

  • Excellent communication and interpersonal skills

  • Strong critical thinking and problem–solving skills

  • Anility to think outside the box

  • Ability to prioritize projects and departmental goals

  • Experience with Office 365 and securing Microsoft platforms

  • Experience using Governance, Risk, and Compliance platforms

Preferred Qualifications:

  • Experience with AWS a plus

  • Ruby, Node, or Go a plus

  • Certified Information Security Manager (CISM) a plus

  • Any additional certifications are a plus

EEO/AAP Statement: DocGo is an equal opportunity employer. We acknowledge and honor the fundamental value and dignity of all individuals. We pledge ourselves to crafting and maintaining an environment that respects diverse traditions, heritages, and experiences. DocGo is an Equal Employment Opportunity and Affirmative Action employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.

The above–noted job description is not intended to describe, in detail, the multitude of tasks that may be assigned but rather to give the applicant a general sense of the responsibilities and expectations of this position. As the nature of business demands change so, too, may the essential functions of the position.