Catholic Health Initiatives Manager, IT Security in LOUISVILLE, Kentucky

Manager, IT Security

Description

KEY FUNCTIONS:

  • Protects valuable information and maintains the confidentiality and integrity of data through:

  • Knowledge of security management, network security & protocols, data and application of solutions.

  • Knowledge of industry trends and current and emerging risks.

  • Advises One IT leadership on enterprise security strategy, security architecture, and security design work; works with business stakeholders to define the security and privacy policies.

  • Supports security and privacy audits and develops a mitigation strategy.

  • Oversees One IT disaster recovery planning and testing

  • Manages One IT change control process

RESPONSIBILITIES:

  • Develops and standardizes processes and procedures relating to IT Security risk and change control across the technology organization, balances risk vs. business needs while ensuring policies are implemented in accordance with corporate-wide policies and external regulatory obligations.

  • Reports progress on IT security performance to management on a consistent basis.

  • Reviews exception requests and monitors action plans that are developed and implemented to address any non-compliance with policy requirements.

  • Assists in the development and implementation of IT security & control architecture including consulting on security requirements in system development activities, policies, standards and procedures

  • Develops and implements strategy for business continuance/disaster recovery of all systems and applications in the event of natural or man-made disaster.

  • Lead the development of the ITS disaster recovery plan by developing project plans, coordinating activities, monitoring progress, reporting status and presenting recommendations to management.

  • Use business impact analysis to assess internal and external concerns and risks to the organization by recommending strategies to reduce or eliminate identified risks.

  • Schedule and coordinate applications and systems mock exercises to establish recovery timelines and ensure accuracy and effectiveness.

  • Defines and improves technology change processes in accordance with recognized industry standards (ITIL) and ensures change activities are conducted according to defined processes.

  • Manages a change process improvement program across the technology organization and maintains the evolution of the program

  • Manages and mentors security staff.

  • Will require some on-call coverage responsibilities

Qualifications

SKILLS, REQUIREMENTS& CERTIFICATIONS :

  • Bachelor of Science degree in computer science with emphasis on IT security required.

  • 7 years of relevant security experience required.

  • 3-4 years’ experience in a security supervisory role required.

  • Relevant industry certification in networking and technology (CISSP, Vendor and ITIL Certifications) required.

  • May substitute an equivalent combination of education and experience.

  • Well rounded understanding of technology, operations and key business processes.

  • Re-engineering / process improvement experience, leading and coaching security improvement projects.

  • Strong skills and experience in the following:

  • Security policies procedures and leading practices

  • Risk management

  • Project management skills.

  • Strong change management skills; change agent.

  • Strong problem solving and analytical capabilities.

  • Excellent written and verbal communication skills.

  • Strong influencing and negotiation skills.

  • Strong knowledge of healthcare processes.

INTERACTIONS, HAND-OFFS

  • Collaborates with the information risk group and audit group to identify, prioritize and respond to risk components, technology audits and compliance issues respectively for the technology organization in support of business strategy.

  • Facilitates and reviews control and compliance initiatives, such as self-assessments, third party reviews and due diligence initiatives.

  • Builds relationships with corporate wide process improvement experts to leverage use of the technology organization wide capabilities.

  • Works with service management to establish and document standard security policies and procedures

Additional Responsibilities:

  • Demonstrates a commitment to service, organization values and professionalism through appropriate conduct and demeanor at all times.

  • Adheres to and exhibits our core values :

  • Reverence : Having a profound spirit of awe and respect for all creation, shaping relationships to self, to one another and to God and acknowledging that we hold in trust all that has been given to us.

  • Integrity: Moral wholeness, soundness, uprightness, honesty and sincerity as a basis of trustworthiness.

  • Compassion: Feeling with others, being one with others in their sorrows and joys, rooted in the sense of solidarity as members of the human community.

  • Excellence: Outstanding achievement, merit, virtue; continually surpassing standards to achieve/maintain quality.

  • Maintains confidentiality and protects sensitive data at all times.

  • Adheres to organizational and department specific safety standards and guidelines.

  • Works collaboratively and supports efforts of team members.

  • Demonstrates exceptional customer service and interacts effectively with physicians, patients, residents, visitors, staff and the broader health care community.

#GLDRNAT

Job Information Technology

Primary Location KENTUCKY-LOUISVILLE-JEWISH HOSPITAL

Other Locations KENTUCKY-ERLANGER-NATIONAL OFFICE ERLANGER, KENTUCKY-LEXINGTON

Daily Schedule Days

Scheduled Hours per 2-week Pay Period 80

Weekends Required Occasional

Req ID: 2017-R0120328