Posted: Tuesday, September 12, 2017 4:09 AM
Employment Status:AF : Active : Regular : Full Time
Job Summary 13;
1. Demonstrates expert knowledge and understanding of Information security principles, general IT controls (e.g., identity and access management, business continuity and change management), regulatory standards (HIPAA Security Rules, PCI, and HITECH, FISMA) or any new or amended laws, regulatory standards and requirements
2. Knowledgeable in cloud computing, security and privacy for cloud computing and related cloud standards (e.g., ISO 27000 standards)
3. Demonstrates expertise in network security issues, firewall concepts, network security architecture.
4. Hands:on knowledge of information security technologies such as continuous security monitoring, anti:malware controls, intrusion detection/prevention, identity management in the cloud
5. Expertise in managing cybersecurity risks and related response teams, such as the Computer Incident Response Teams (CIRT).
6. Experience managing a Security Operations Center (SOC) or similar operating environment
7. Expertise in specific security issues around Windows, UNIX, cloud platforms, and risk and vulnerability management
8. Excellent written communication skills, with a focus on communicating the business impact of technically complex issues.
Job Responsibilities 13;
1. Manage a diverse team of professional resources providing InfoSec and compliance support for CHOP business and clinical systems, including managing matrix reporting relationships and consultants.
2. Effectively assess InfoSec resource allocation and manage resource productivity, prioritization of work, and individual goals/objectives, including performing bi:annual and annual performance evaluations
3. With the assistance of CHOP Human Resources, coordinates recruitment of qualified and competent support staff, professional and technical staff.
4. Manage operational initiatives and capital planning projects, as deemed necessary by the CISO.
5. Develop and maintain positive relationships with senior and executive leadership and other Hospital and corporate personnel (customers).
6. Produce/deliver management level presentations to CIO leadership team, IS personnel, clinical/business units and other senior/executive leadership.
7. Participate in the production of executive level presentations with CISO for Board presentations (e.g., Audit Committee) and CHOP senior/executive management committees (e.g., Risk Committees).
8. Perform related duties as needed.
Risk Management, Audit and Compliance
1. Work closely with and support the CISO, CTO, and other IS leadership to maintain the Information Security Management Program model for the Hospital, the Research Institute and any related affiliates and Hospital groups (e.g., Office of General Counsel, Compliance and Privacy Offices).
2. Manage compliance to regulatory requirements (e.g., PCI DSS, HIPAA Security Rule, FISMA), including supporting internal and external audit activities and support vendor data risk assessments
3. Manage and support emerging frameworks and processes related to security for cloud computing, identity management in the cloud, including developing and managing cloud security operational processes/procedures for the Hospital, the Research Institute, and Hospital strategic partners.
4. Develops and/or interprets CHOP information security policies, standards, and procedures and manages the maintenance of revisions and updates based on Hospital policy.
5. Manages the Hospitals Governance, Risk, Compliance (GRC) technology and related processes to support identification and tracking of enterprise IT risks and annual risk assessment compliance.
6. Monitor the effectiveness of the InfoSec and regulatory compliance services provided.
Business Continuity Planning and Operations
1. Provide leadership for InfoSec through collaboration with the Business Continuity Management and Quality Ass
• Location: South Jersey
• Post ID: 43857798 southjersey