Chief Information Security Officer Astadia
THIS JOB HAS EXPIRED Area of Interest: Information Technology
Position Type: Full Time - Contract
Location: Remote Employees-Client Site
State / Province: Texas
Requirements: Please see job description.
Bachelors Degree Computer Science, Information Security or Related Experience;
Certified Information Systems Security Professional (CISSP) required;
Certified Information Systems Manager (CISM) or Certified Information Systems Auditor (CISA) required.
Work Experience (Years and Area):
Minimum of ten years professional experience in the IT industry.
Minimum of five years practical experience designing and implementing enterprise information technology security
Strong demonstrated knowledge of technologies including network, server, desktop, storage, and how security relates to the overall IT environment.
Minimum of five years practical experience working with the HIPAA Security Regulation
Minimum of 5 years practical experience working with information privacy and security laws (such as FISMA, PCI-DSS, GLBA, FIPS, and data breach reporting laws), generally accepted information security principles, and accepted industry practice.
Demonstrated professional experience in preparing and presenting information effectively, clearly, and concisely, in written and spoken form to a wide-range of internal and external constituencies, including non-technical executives, officers, product or service vendors, and middle-managers.
Management Experience (Years and Area):
Minimum of five years supervisory experience
TYPICAL DUTIES THAT MAY BE PERFORMED:
Policy Development ? Coordinates the development and implementation of Information Technology Security policies, standards and procedures. Ensures that policies support compliance with federal, state, and local regulatory requirements. (e.g. HIPAA, PCI-DSS, NC Identity Theft Protection Act, FISMA, etc.)
Security Architecture - Collaborates with key business leaders and departments to implement & maintain a security architecture that includes policies, technical design, standards, guidelines and procedures that ensures the confidentiality, integrity, and availability of HCHD?s systems and data.
Risk Assessment ? Develops and implements an ongoing risk assessment program targeting information technology security matters. Recommends methods for vulnerability detection, remediation, and testing. Ensures the appropriate application of controls based on risk and consults with relevant parties regarding their information technology security risks and responsibility in minimizing those risks. Works with outside consultants as appropriate for independent security audits.
Compliance Enforcement (Auditing and Monitoring) ? Leads the design and implementation of compliance auditing and monitoring and improvement activities to ensure compliance with both internal security policies and applicable external regulatory requirements. Serves as an internal auditor for compliance with policies and requirements.
Incident Response/Investigations ? Leads development and implementation of an Incident Reporting and Response System to address security incidents and respond to alleged policy violations. Serves as official point of contact for information technology security incidents.
Conducts investigations related to information technology security, including those involving protected health information.
Information Technology Security Awareness and Training ? Initiates, facilitates, and promotes information technology security awareness, training and educational activities.
Official Contact/Reporting Responsibility ? Acts as the liaison to parties, both internal and external to HCHD, on information technology security matters as necessary.
Reports directly to the Senior Vice President, Corporate Compliance regarding the day-to-day operations of the Information Technology Security Program. In addition, reports on a regular and as-needed basis to HCHD?s Chief Executive Officer, Chief Information Officer and Board of Managers regarding relevant information technology security matters.
Management ? Provides management and leadership of staff within the Information Technology Security Program, including planning, budgeting, and promotional activities expounding the value of information technology security. Works with appropriate parties to prioritize HCHD information technology security initiatives and spending based on appropriate risk management and/or financial methodology.
Maintain Knowledgebase ? Keeps abreast of latest security advisories, alerts, and regulations. Advises affected HCHD departments and ensures appropriate action has been taken when necessary.
||Houston, TX |
THIS JOB HAS EXPIRED