Director, Information Security
Company: Commonwealth Health Corporation
Location: Bowling Green
Posted on: July 29, 2022
|
|
Job Description:
+ Position Summary+ Responsible for the overall development,
implementation and maintenance of the information technology (IT)
security systems used by Med Center Health. Works closely with all
levels of the organization to ensure the maximum level of IT
security consistent with organizational risk, information access
requirements and business strategies. Coordinates with IT-Technical
Support and IT-Applications regarding technical considerations for
user rights/privileges, system access to ensure proper
implementation and provides on-going support of all security
operations. Provides technical consulting on complex organizational
projects. Evaluates existing systems and procedures, and makes
recommendations for improvement as required.+ Minimum
Qualifications+ Work Experience+ Five years of progressively
responsible information technology security work experience
preferably in a complex setting including significant experience in
IT project and program management and IT planning leadership with
significant IT security leadership competencies.+ Education+
Bachelors degree in computer science or related technology field
required.+ Masters degree preferred.+ Certifications/Licensure+
Certified Microsoft Engineer preferred.+ Certified Information
Systems Security Professional (CISSP) required.+ Job Specific
Performance Standards+ The duties listed below are a summary of the
major essential functions of this position. The position may
require other duties, both major and minor, that are not mentioned,
and specific functions may change from time to time. + Assesses
security needs and capabilities of Med Center Health. Makes regular
reports to management concerning the current state of security
measures and makes recommendations for improvement as needed. +
Develops the overall security program and content to include all
aspects of information security. Works with existing policies and
procedures to identify, recommend and develop revised policies and
procedures relating to information security as appropriate.
Maintains and revises the overall security program. + Identifies
and provides information security awareness training as
appropriate. Identifies appropriate content for computer-based
training courses to enhance staff awareness of security
capabilities and competencies of the organization. + Works with
management and staff to perform and maintain the annual security
risk assessment and associated corrective action plans. + Ensure
organization compliance with the security sections of Federal and
State regulations including HIPAA as well as The Joint Commission
standards. + Develops the overall disaster recovery plan and
content. Includes all aspects of disaster recovery planning
including data center and application system recovery and
department business continuity plans. Works with management, IT
staff, vendors, regulatory agencies and service providers to
develop and maintain cost effective and appropriate disaster
recovery plans and procedures for the organization. + Determines
and designs appropriate tests for all aspects of information
security and disaster recovery. Activities include attempted
cracking of system security, review of audit trails, simulations of
disaster recovery situations and attempted theft of devices.
Evaluates system effectiveness and makes change recommendations as
necessary. + Participates in interviews for qualified staff
members. Participates with orientation of new employees to the
department. Provides on-going employee training and develop
programs to meet the changing needs of the department and
employees. + Participates in the development and management of the
department budget or an assigned portion of the department budget.
Analyzes costs, develops programs to assure compliance with
budgetary constraints and provides justifications for budget
variances. + Maintains documentation of systems, applications,
hardware, and network access and activities. + Evaluates and makes
recommendations on vendor security capabilities. + Evaluates
requests for sharing data both within and outside the organization
to insure that security and confidentiality standards are
enforced.
Keywords: Commonwealth Health Corporation, Bowling Green , Director, Information Security, Executive , Bowling Green, Kentucky
Click
here to apply!
|