KNOWLEDGE AND SKILLS REQUIRED:
• Knowledge of one or more of the following areas: HIPAA Security and Privacy Rule, Red Flag Rule, Family Education Rights and Privacy Act (FERPA), HITECH, Meaningful Use (MU), or an equivalent.
• Working knowledge of information security risk management and risk assessment methodologies.
• Well versed in project management procedures and concepts.
• Knowledgeable in two or more technical skills, such as IT infrastructure, operating systems, data centers, access controls, malware protection, security monitoring, physical security controls, etc.
• Understanding of logging, monitoring and auditing functions, and continuous improvement plans.
• Understanding of security risks due to joint ventures, acquisitions, contract management processes, and business impact analysis (BIA).
• Ability to work with 3rd party consultants as necessary.
• Soft skills such as multitasking, self-motivation, prioritization, time management, decision making, teamwork, presentation, and verbal and written communication, along with strong interpersonal skills.
• Hands-on experience with the Microsoft suite of applications (Word, Excel, PowerPoint, Project, etc.).
KNOWLEDGE AND SKILLS PREFERRED:
• Strong background in IT, information security, and enterprise architecture.
• Ability to develop a comprehensive picture of an organization’s technology and information needs, and then assess/test the security structures and controls designed to protect them.
• Sound technical background in security requirements and standards (e.g., HITRUST, HITECH, NIST, ISO 27K, COBIT, or an equivalent).
• Comprehensive understanding of enterprise architecture designs related to data protection, healthcare applications, and cybersecurity.
• Thorough understanding of enterprise security systems (e.g., IDPS, SIEM), security threats and related risks, malware protection, virtual networks,
• Working knowledge of asset management, vulnerability management, access management, configuration management, encryption techniques, secure development lifecycle (SDLC), cloud security, and 3rd party security.
• Sound understanding of Payment Card Industry (PCI) standards and requirements.
• Knowledge of digital forensics, software programming, and web-based application security.
• Knowledge and skills in implementing privacy, audit, and compliance are a plus.
• Team player and a quick learner with strong communication and presentation skills.
Bachelor's degree required
Master's preferred (Computer Sciences, CyberSecurity)
LICENSURE, CERTIFICATION OR REGISTRATION PREFERRED:
• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified in Risk and Information Systems Control (CRISC)
• Project Management Professional (PMP)