Director, Information Security, Chicago
|
View:
New views
1 Messages
—
Rating Filter:
Alert me
|
 |
Director, Information Security, Chicago
by amamidala
::
Rate this Message:
---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY --------------------------------------------------- JOB DESCRIPTION --------------------------------------------------- Position: Director, Information Security Location: Chicago, Illinois, United States Type: Permanent F/T Closing Date: 2008-12-07 This is a 3 months Contract - Hire position Summary: Responsible for the overall development, implementation and maintenance of the security systems used by client. This position will work closely with all levels of the organization to ensure the maximum level of security consistent with organizational risk, information access requirements and business strategies. Coordinates with Information Technology (IT) Technical Support and IT Applications regarding technical considerations (user rights/privileges, system access) to ensure proper implementation and provides on-going support of all security operations. Provides security related technical consulting on complex organizational projects. Evaluates existing systems and procedures, and makes recommendations for improvements as required. Principal Duties and Responsibilities: Assesses security needs and capabilities of the organization. Prepares regular reports to IT management concerning the current state of security measures and makes recommendations for improvement as required. Develops the overall security program and content. This program will include all aspects of information security and information access including Internet/Intranet access and risks. Works with existing policies and procedures to identify, recommend and develop revised policies and procedures relating to information security as appropriate. Maintains and revises the overall security program. Identifies and provides information security awareness training as appropriate. Identifies appropriate courses to enhance security capabilities and competencies of the organization. Works with IT management, risk managers, corporate compliance and in-house legal counsel to perform and maintain risk assessment concerning system down time, unwarranted system access and general risk levels. Ensures organization compliance with the security sections of Federal and State regulations including HIPAA, as well as JCAHO standards. Works with internal and external auditors to response to needed requests, suggestions and security related findings. Develops the overall disaster recovery plan and content. Includes all aspects of disaster recovery planning including data center and application system recovery and departmental business continuity plans. Works with IT management, IT staff, vendors, regulatory agencies and service providers to develop and maintain cost-effective and appropriate disaster recovery plans and procedures for the organization. Determines and designs appropriate tests for all aspects of information security and disaster recovery. Activities include attempted "cracking" of system security, review of audit trails, simulations of disaster recovery situations and attempted theft of devices. Evaluates system effectiveness and makes change recommendations as necessary. Keeps current on security administration and disaster recovery issues through seminars, publications and self education on an on-going basis. Conforms to formal departmental methodology standards. Demonstrates effective behaviors as outlined in the organization-wide core competencies. Provides support to the all CLIENT Applications in the development and implementation of security controls for these applications. Works closely with Application Build Teams to understand the security architecture and coordinates the implementation of changes in security once approved through the Configuration Management. Oversees user support issues regarding user access to all applications. Maintains relationships with clinical and business management to identify and understand security issues related to Client Applications that need to be addressed through IT management and technical teams. Leads, motivates and coaches project team members Implements and ongoing Scope Change Management Plan; manages scope escalation Assists the team to problem solve and determine solutions that minimize barriers to the business solution Proactively manages project issues and risk to minimize variances to the plan; manages escalations Maintains constant communication with the Business Sponsor, Technical Leads and other team members as well as IT and Business management Manages the IT Risk and Security team Identify and manage budget for the team Identify and manage training objectives for the team Identify and manage yearly team goals and objectives Serve as project manager for selected projects Identify projects that require additional resources and coordinate through the PMO Ensure Change Management is carried out for all projects Ensure maintenance is carried out on all technical systems operated by the team Provide staff counseling and oversight Attend departmental manager meetings and provide status updates, as required JOB REQUIREMENTS --------------------------------------------------- Knowledge, Skills and Abilities: Requires bachelor's degree in computer science or related technology field. Requires ten years of relevant computer systems experience, preferably in a healthcare setting. Experience should include at least five years of experience in an information security position and three or more years in a customer support role with high customer satisfaction goals. Thorough understanding of risk analysis, disaster recovery and audit tracking. Thorough knowledge of local area and wide area network architectures (LAN/WAN), and in-depth and current knowledge of data processing and programming concepts. Experience with network design, routing design and open system security issues. Thorough knowledge of formal project management techniques and tools through training and direct experience (MS Project or other project scheduling tools) Understands sound business concepts and practices for hospital registration, billing, collections, and receivables management Command of typical office automation tools (Microsoft Professional Suite, Lotus Notes, e-mail, etc.) as well as vendor/contract management experience. Familiarity with current common paradigms for violating system integrity. 7+ years experience as a Project Manager; Project Management Professional (PMP) certification a plus Must have excellent interpersonal skills to effectively communicate with all levels of hospital personnel, vendors and IT personnel. Must possess the ability to deliver clear, concise communications and presentations. Must be able to train others quickly and thoroughly on key IT concepts. CONTACT --------------------------------------------------- Ashwin Mamidala (847) 368-0860 x 242 (847) 800-9515 (M) amamidala@... VIVA USA INC Ashwin Mamidala Sr Manager amamidala@... --------------------------------------------------- SECURITYFOCUS JOBS --------------------------------------------------- SecurityFocus now offers an online interface for searching and managing job opportunities and resumes. http://www.securityfocus.com/jobs |
| Free embeddable forum powered by Nabble | Forum Help |
