Location: US-NY-Melville

Job Number: 18206550

Description:

Taleo ID: 001U3C

Approximate Salary: $80,000.00

Position Summary:

Reviews and documents security risk and controls surrounding enterprise information technologies, applications and services. Maintains policies, standards and procedures to align with information security frameworks and enterprise strategies. Supports the information security awareness and training program.


  1. Perform application security reviews, vendor/business associate assessments, threat modeling and vulnerability analysis based on the NIST/HITRUST framework.

  2. Oversee corrective action plan development, establish remediation priorities, and track status.

  3. Provide information security subject matter expertise to developers, engineers, and workforce members on information security risk assessments, vulnerability remediation and threat detection techniques.

  4. Maintain Information Security policies, standards and guidelines.

  5. Develop and maintain security awareness and training materials to reinforce required security controls and address gaps noted in assessments.

  6. Write technical reports based on security review findings and recommendations.

  7. Perform other duties, as required.


• High School Diploma or equivalent, required and minimum of eight (8) years progressively responsible information technology risk management or security experience, required


• Bachelor’s Degree in Information Security or Audit or related field, required AND

• Minimum of five (5) years progressively responsible information security assessment or audit experience, required.

• Thorough knowledge and understanding of current information risk assessment techniques, required.

• Working knowledge of IT standards, federal and state compliance regulations, and security frameworks including HIPAA, HITRUST, NIST, ISO27001, and PCI-DSS, required.

• In-depth technical knowledge of Information Security principles and processes and experience writing/maintaining information security policies, standards and guidelines, required.

• Attention to detail, excellent writing, documentation, communication, presentation, customer service and interpersonal skills, and the ability to work with all levels of management, required.

• Healthcare environment, preferred.

• Certified in at least one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Security+, Global Information Assurance Certification (GIAC) or related certification, preferred.


CTG (NASDAQ: CTG) provides industry-specific IT services and solutions that address the business needs and challenges of clients in high-growth industries in North America and Western Europe. CTG also provides strategic staffing services for major technology companies and large corporations. Backed by more than 50 years of experience and proprietary methodologies, CTG has a proven track record of reliably delivering high-value, industry-specific staffing services and solutions to its clients. CTG has operations in North America, Western Europe, and India.

CTG's greatest asset is its people, and as such, we are committed to providing employees programs and processes to support their performance, hone their skills, and advance in their careers. This commitment is reflected by CTG being named a Best Places to Work in Healthcare company by Modern Healthcare (2013-2016) in North America, and a Best Workplace in the United Kingdom (2013), Belgium (since 2007), and Luxembourg (since 2011).

CTG will consider for employment all qualified applicants including those with criminal histories in a manner consistent with the requirements of all applicable local, state, and federal laws.

CTG is an Equal Opportunity/Affirmative Action Employer and strong advocate of workforce diversity. Minority/Female/Sexual Orientation/Gender Identity/Disability/Veteran.

Job: Technology & Healthcare IT