Date Posted: December 3, 2019
Ref ID: 01500-0011281553
Classification: Data Security Analyst
Compensation: $120000.00 to $130000.00 yearly
Our client is searching for an Information Security Officer. The Information Security Officer (ISO) is responsible for the development and delivery of a comprehensive information security and privacy program. The Officer coordinates the development of the organization's information security policies, processes, standards and procedures and works with key IT managers, Corporate Compliance, data custodians and governance groups in the development of such policies. The ISO is responsible for managing risks related to information security, business continuity planning, crisis management, privacy, and compliance.
Responsibilities include the following:
• Ensure all staff members are trained on the organization and governmental security requirements and promote cyber security awareness programs across the organization.
• Ensure that policies support compliance with external regulatory requirements.
• Manage the dissemination of policies, standards and procedures to the organization's community.
• Work with the COO/CFO, IT Director, and HIPAA-privacy Officers on compliance issues as necessary. Prepare and submit required reports to external agencies.
• Report any security breaches to all internal and external regulatory agencies and respond to third party inquiries.
• Develop and implement an ongoing risk assessment program targeting information security and privacy matters; recommend methods for vulnerability detection and remediation, and conduct vulnerability testing, including conducting and implementing the required security measures to meet the ARRA meaningful use standard for the institution.
• Develop plans to safeguard computer files and confidential information against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
• Confer with users to discuss issues such as computer data access needs, security violations, and programming changes.
• Monitor current reports of computer viruses to determine when to update virus protection systems.
• Modify computer security files to incorporate new software, correct errors, or change individual access status.
• Coordinate implementation of information security solutions and controls with both internal and external resources.
• Protect the system by defining access privileges, control structures, and resources. Determine security violations and inefficiencies by conducting periodic audits.
• Upgrade the system by implementing and maintaining security controls.
• Enforce security guidelines and take part in implementing the business continuity and disaster recovery environment for all IT systems/applications.
• Report information security performance against established security metrics, prepare management reports recapping and trending various categories of security issues and highlighting remediation activities.
• Produce quarterly and year-to-date reports identifying threats and risks.
• Develop remediation plans and facilitate implementation to reduce future risk of security breaches, data loss and operational disruption.
QUALIFICATIONS & REQUIREMENTS
MUST HAVE HIPAA EXPERIENCE
• Bachelor’s or Master’s Degree in Computer Science or related field of study.
• Qualified candidate must possess a minimum of 3-5 years of information security experience IN A HEALTHCARE ENVIRONMENT.
• Knowledge of national and international regulatory compliance requirements and frameworks such as HIPAA, ISO, NIST, HITRUST, SOX, GDPR, and PCI DSS.
• Excellent project management, written and oral communication skills desired.
• Ability to work collaboratively with a broad range of constituencies is essential.
• Strong problem solving and analytical skills.