This site uses cookies. To find out more, see our Cookies Policy

Manager, Information System Security in Harrisburg, PA at KEPRO

Date Posted: 10/9/2018

Job Snapshot

Job Description

Information System Security Manager

Summary Description

Responsible for the development of and administration of ITS policy and corporate guidance for KEPRO’s information and physical security strategies. Work to maintain and improve the current posture and plans for continued growth and integrity of KEPRO’s security policies and procedures. Areas of primary responsibility include PC/server/network security, database security, application security, systems security administration and user access security administration.

Accountabilities / Essential Functions

  • Responsible for developing, implementing, communicating, maintaining, and supporting IT Security technologies, programs, policies and strategies to protect KEPRO’s information and technology assets.
  • Establishes and monitors adherence to sound IT security controls, policies and procedures. Develops plans to maintain IT service continuity in the event of emergencies or disasters.
  • Collaborates with ISSO to ensure accurate and tested Policies and Procedures are implemented.
  • Ensure that all IT systems and services are compliant with all applicable industry regulations (i.e. HIPAA, ISO, DIACAP, URAC, FISMA).
  • Collaborates with ISSO to ensure regulatory compliance
  • Other duties as assigned

The list of accountabilities is not intended to be all-inclusive and may be expanded to include other education- and experience-related duties that management may deem necessary from time to time.


  • Required: Bachelor’s degree from an accredited college or university in Information Management, Computer Science, Mathematics, or a related field, or equivalent years of experience.
  • ITIL, CISSP certification highly desirable

Skills, Knowledge Abilities (SKA)             

  • Position requires a broad-based understanding of the KEPRO’s business and its information security needs and risks; demonstrated skills in managing secure IT services.
  • Firewalls, intrusion detection systems, anti-virus software, data and device encryption and other industry-standard techniques and practices
  • In-depth technical knowledge of network, PC, and platform operating systems
  • Applicable regulatory security requirements (NIST, FISMA, and/or DIACAP) essential
  • Working technical knowledge of systems software, protocols, and standards.
  • Strong knowledge of TCP/IP and network administration/protocols.
  • Hands-on experience with devices such as hubs, switches, and routers.
  • Strong knowledge of network packet analysis tools (ex, WireShark).
  • Forensics experience, tools, and processes.
  • Incident response and reporting.
  • Intuition and keen instincts to pre-empt attacks.
  • High level of analytical and problem-solving abilities.
  • Ability to conduct research into security issues and products as required.
  • Strong understanding of the organization’s goals and objectives.
  • Strong interpersonal and oral communication skills.
  • Highly self-motivated and directed.
  • Strong organizational skills.
  • Excellent attention to detail.
  • Ability to effectively prioritize and execute tasks in a high-pressure environment.
  • Able to work in a team-oriented, collaborative environment.
  • Maintain strict confidentiality of highly-sensitive corporate information
  • Demonstrates ability to exercise independent judgment and strong decision making skills.


  • Work requires a minimum of five years of progressive security experience in a healthcare Information Technology environment

Mental and Physical Requirements        

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.  Reasonable accommodations will be made as required by law in an attempt to enable an individual with a disability to perform the essential functions of this job. While performing the duties of this job, the employee is regularly required to sit for prolonged periods of time; key and/or control objects; interact extensively with internal and external customers; occasionally lift and/or move objects weighing up to 10 pounds; and occasionally travel within the state.

EOE AA M/F/Vet/Disability