Job Description - Director of I.T. Security Information (Healthcare)
REMOTE OPPORTUNITY

Position Overview

The Director of Information Security is a senior leadership position responsible for leading and overseeing The Company's information security function. This role is critical in safeguarding the confidentiality, integrity, and availability of our organization's information assets and technology products. The director develops and implements comprehensive strategies, policies, and procedures to identify and mitigate risks, ensure compliance with industry regulations, and responds effectively to security incidents.

Duties and Responsibilities

1. Strategic Planning: Develop and implement the organization's information security strategy, aligning it with business objectives and risk tolerance. Identify and prioritize security initiatives, establish security goals, and create a roadmap for their implementation.
2. Risk Management: Conduct regular risk assessments to identify and evaluate potential security threats and vulnerabilities. Develop and implement risk mitigation strategies, including security controls, policies, and procedures. Monitor and manage security risks through ongoing assessments and the implementation of appropriate safeguards. Foster a culture of security awareness through formal and informal training.
3. Policy and Procedure Development: Establish and enforce information security policies, standards, guidelines, and procedures. Ensure compliance with relevant laws, regulations, and industry best practices.
4. Incident Response and Management: Lead incident response efforts during security breaches or incidents. Coordinate with relevant teams to investigate, contain, and remediate security issues promptly.
5. Governance and Compliance: Establish governance frameworks for information security. Ensure compliance with legal and regulatory requirements (e.g., HIPAA, PCI, HITRUST).
6. Stakeholder Collaboration: Collaborate with stakeholders across the organization to promote a culture of security. Align information security practices with business objectives and work with executive leadership. Develop your team to provide high-quality support for all stakeholders.
7. Technical Controls: Manage technical safeguards to ensure they perform as required. Review emerging technologies for fit and update the information security roadmap accordingly.
8. External Relations: Build and maintain relationships with external partners, such as security vendors, service providers, auditors, and industry peers. Stay informed about emerging threats, best practices, and regulatory changes.
9. Resource Advocacy: Provide guidance and direction on security matters to executive leadership and board members. Advocate for the necessary resources and support to maintain a strong security posture.

Secondary Duties and Responsibilities

Support Information Security Incident Response, System Recovery, Disaster Recovery, and Business Continuity processes and procedures as needed.
Perform other duties and tasks as assigned.

Education/Training and Certification, Licensure, Registration Requirements

Bachelor's degree strongly preferred in Information Technology or equivalent work experience.
An advanced degree in Information Systems, Business, Planning, or a related field is a plus.

Experience

5+ years of leadership experience in building and leading Information Security teams and programs in mid to large healthcare delivery systems.
Proven experience in managing healthcare GRC programs, including HITRUST policy & technical control management and security risk assessment.

Environment and/or Physical Factors

Prolonged periods sitting at a desk and working on a computer.
Must be able to lift up to 15 pounds at a time.

Desired Qualifications

Bachelor's degree in a relevant field (e.g., Computer Science, Information Systems, Cybersecurity).
Proven experience in information security leadership roles.
Industry certifications (e.g., CISSP, CISM, CRISC) are highly desirable.
Strong knowledge of HIPAA, HITRUST, CIS, and NIST security frameworks, risk management, and compliance.
Excellent communication and leadership skills.