• Information Security Engineer

    Job Locations US-CO-Westminster
    Posted Date 1 month ago(4/26/2018 1:39 PM)
    Job ID
    # of Openings
  • Overview

    PURPOSE:  Under the guidance of ReedGroup’s Business Information Security Officer (BISO), the Information Security Engineer will define, manage, and coordinate the diverse set of information security and internal controls related activities comprising ReedGroup’s Information Security Program.  The Information Security Program activities focus on ensuring the confidentiality, integrity, and availability of critical information system resources and related activities, including but not limited to, data/information, application software, servers and desktop hardware, physical assets, network and telecommunications services.


    Who We Are: ReedGroup, headquartered in Westminster, CO, is a dynamic, fast growing organization that employs nearly 2,000 people at 11 locations globally. We are the top provider in the Absence Management industry and provide our services to major companies including a substantial number of Fortune 100 companies.  We are committed to improving health and productivity outcomes while controlling costs - it is at the core of our comprehensive solutions which are designed to return people to their active lifestyles and allow businesses to thrive.  


    Our Vision: Healthy and Productive People. Thriving Businesses. 


    Our Mission: ReedGroup connects the ecosystem of the health, work and life with …

    • The best service experience for clients and employees.
    • Trusted content and experience.
    • Strong partnerships across healthcare and insurance.
    • Innovative technology to drive simplicity.
    • Comprehensive data to create meaningful insights.



    • Develop system security policies and secure system and network architectures
    • Collaborate with team members, peers and business units to determine technical information security requirements
    • Assist in the development and refinement of technical security standards
    • Ensure the information and network security controls are appropriate and operating as intended; includes solutions that are directly controlled as well as security solutions that are operated by other internal and external groups
    • Execute on strategy and develop services to address specific information assurance, risk management, and related compliance issues
    • Member of the incident response process/team which receives and responds to all internal and external reports of suspected information security incidents
    • Develop and maintain a computer forensics investigations program using digital forensic related tools
    • Responsible for developing and maintaining a vulnerability management and threat assessment program
    • Create and maintain all Information Security Policies and Procedures
    • Provide status reports on a weekly, monthly and quarterly basis to business managers and other management activities that demonstrate the health of the program
    • Support the Information Security policy lifecycle throughout, including all aspects of intake, creation, review, approval, implementation, publishing, communication and maintenance
    • Function as point of contact and subject matter expert relating to Information Security
    • Establishing and maintain trusted relationships and partnerships with key information security and privacy professionals in both private and public sectors


    • Bachelor’s degree in Information Assurance, Information Security, Cyber Security, Networking, or related discipline, or an equivalent combination of education, certification and work experience
    • Demonstrated work experience conducting information security risk assessment, control analysis, and vulnerability assessments
    • Strong understanding of and experience with security related technologies, systems, and tools
    • Strong understanding of information security threats and vulnerabilities
    • Demonstrated work experience conducting investigations and managing information security incidents
    • Knowledge of NIST SP 800-53 and/or ISO 27001 framework components.
    • Knowledge of Sarbanes Oxley and SSAE 16 standards and guidelines.
    • Strong organizational and time management skills.
    • Strong analytical and technical skills
    • Ability to interact effectively with Information Technology groups and communicate with individuals at all levels of management.
    • Project management skills


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed