Appalachian Regional Healthcare


    Job Locations US-Hazard
    Posted Date 5 months ago(12/4/2018 4:03 PM)
    Requisition ID
    # of Openings
    Business Professional
    Position Type
    Regular Full-Time
    Information Systems
    Day Shift
  • Overview

    ARH is searching for a highly motivated and skilled Information Security Manager to join our progressive and professional Information Technology Team. As we continue on our journey to provide the best possible Patient Care, we are also striving to build a high performance infrastructure to support those goals. We understand and appreciate that a key component is a security group that is up to the unique and rewarding challenges of our environment today. Come grow with us, as we strive to build a secure IT environment in the Healthcare world that still serves the needs of patients and providers alike.


    The Manager of IT security will be focused on developing, maintaining (and monitoring the compliance to) all IT security policies and procedures. Chief among these duties will involve the creation of a solid risk assessment strategy for the organization that will be performed regularly and followed up with equal regularity. This resource will be held accountable to follow up on any weaknesses discovered in ARH’s security posture to insure compliance with applicable HIPAA standards. Regular, hands on evaluation of security systems will be required as well as keeping the rest of the IT team abreast of security challenges.


    Education: Bachelor’s Degree with at least 2 security related certifications. 



    Minimum Work

    Experience: 10 years of relevant work experience, with 5 years in a management/leadershiprole. At least 2 years specifically geared toward IT security.


    Required Skills, Knowledge, and Abilities: 

    • Lead the security evaluation of exciting new, as well as existing technologies, and arrive at standard system security configurations that can be used in our environment.
    • Hands on experience with current security tools, antivirus applications, SIEM software and willingness to learn new technologies/tools/apps as they become available.
    • Serve as a Subject Matter Expert on securing technology and stay current on best practices and innovation within security architecture.
    • Creativity! How can you solve a problem? Whether this means on your own, collaboratively with our team, or from an outside resource.
    • Facilitate internal and external security audits.
    • Put your skills to use by creating and maintaining an Information Security Plan that the will serve as our guide and roadmap.
    • Develop and maintain strong relationships with key stakeholders to ensure risk management oversight is understood and managed appropriately.
    • Must be able to develop, guide and assist in the identification, implementation, and maintenance of organization information security policies and procedures in coordination with organization management and administration, especially the Division of Legal and Compliance activities.
    • You must be able to work with organization senior management and corporate compliance officer to establish an organization-wide Security Oversight program.
    • Must serve in a leadership role for the Security Oversight program.
    • Must be able to perform initial and periodic information security risk assessments and conduct related ongoing compliance monitoring activities in coordination with ARH’s other compliance and operational assessment functions.
    • Must oversee, direct, deliver or ensure delivery of initial and security training and orientation to all employees, volunteers, medical and professional staff, business associates and other appropriate third parties.
    • Establishes with leadership and operations a mechanism to track access to protected health information, within the purview of the organization and as required by law and to allow qualified individuals to review or receive a report on such activity.
    • Ensures compliance with security practices and consistent application of sanctions for failure to comply with security policies for all individuals in the workforce, extended workforce, and for all business associates, in cooperation with Human Resources, the Privacy Officer, administration, and Legal/Compliance as applicable.
    • Must be able to initiate, facilitate and promote activities to foster information security awareness within the organization and related entities.
    • Will serve as the information security liaison for users of clinical and administrative systems.
    • Must maintain current knowledge of applicable federal and state security laws and accreditation standards, and monitor advancements in information security technologies to ensure organizational adaptation and compliance.
    • Must serve as information security consultant to the organization for all facilities and appropriate entities.
    • Must cooperate with the Office of Civil Rights, other legal entities, and organization officers in any compliance reviews or investigations.
    • Will coordinate and facilitate requests/inquiries throughout the organization relative to new computer applications.
    • Will work closely with the Senior Project Manager, Engineering and the System Director of IT as well as senior leadership to develop information systems strategy that aligns cohesively with the organization’s business plan and mission.
    • Will maintain knowledge of all information systems currently operating within the organization to ensure accurate and complete planning.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed