Education: Bachelor’s Degree with at least 2 security related certifications.
Experience: 10 years of relevant work experience, with 5 years in a management/leadershiprole. At least 2 years specifically geared toward IT security.
Required Skills, Knowledge, and Abilities:
- Lead the security evaluation of exciting new, as well as existing technologies, and arrive at standard system security configurations that can be used in our environment.
- Hands on experience with current security tools, antivirus applications, SIEM software and willingness to learn new technologies/tools/apps as they become available.
- Serve as a Subject Matter Expert on securing technology and stay current on best practices and innovation within security architecture.
- Creativity! How can you solve a problem? Whether this means on your own, collaboratively with our team, or from an outside resource.
- Facilitate internal and external security audits.
- Put your skills to use by creating and maintaining an Information Security Plan that the will serve as our guide and roadmap.
- Develop and maintain strong relationships with key stakeholders to ensure risk management oversight is understood and managed appropriately.
- Must be able to develop, guide and assist in the identification, implementation, and maintenance of organization information security policies and procedures in coordination with organization management and administration, especially the Division of Legal and Compliance activities.
- You must be able to work with organization senior management and corporate compliance officer to establish an organization-wide Security Oversight program.
- Must serve in a leadership role for the Security Oversight program.
- Must be able to perform initial and periodic information security risk assessments and conduct related ongoing compliance monitoring activities in coordination with ARH’s other compliance and operational assessment functions.
- Must oversee, direct, deliver or ensure delivery of initial and security training and orientation to all employees, volunteers, medical and professional staff, business associates and other appropriate third parties.
- Establishes with leadership and operations a mechanism to track access to protected health information, within the purview of the organization and as required by law and to allow qualified individuals to review or receive a report on such activity.
- Ensures compliance with security practices and consistent application of sanctions for failure to comply with security policies for all individuals in the workforce, extended workforce, and for all business associates, in cooperation with Human Resources, the Privacy Officer, administration, and Legal/Compliance as applicable.
- Must be able to initiate, facilitate and promote activities to foster information security awareness within the organization and related entities.
- Will serve as the information security liaison for users of clinical and administrative systems.
- Must maintain current knowledge of applicable federal and state security laws and accreditation standards, and monitor advancements in information security technologies to ensure organizational adaptation and compliance.
- Must serve as information security consultant to the organization for all facilities and appropriate entities.
- Must cooperate with the Office of Civil Rights, other legal entities, and organization officers in any compliance reviews or investigations.
- Will coordinate and facilitate requests/inquiries throughout the organization relative to new computer applications.
- Will work closely with the Senior Project Manager, Engineering and the System Director of IT as well as senior leadership to develop information systems strategy that aligns cohesively with the organization’s business plan and mission.
- Will maintain knowledge of all information systems currently operating within the organization to ensure accurate and complete planning.