Business Information Security Officer (98P)

Location Danbury, CT**Job Type:** Full-Time Employee**Location:** Danbury, CT, hybrid work schedule**** Full vaccination is required****Summary**Our client is seeking a dynamic and passionate ***Business Information Security Officer (BISO)*** who will work closely with the other members of the Information Security team to further develop and mature a comprehensive information security program, as a senior member of the IT Governance, Risk & Compliance team. This person will lead security and privacy efforts, including audits, required to maintain compliance with relevant standards and regulations (e.g., HIPAA, HITRUST, PCI) and must be technical with a focus on security.The BISO will be the primary contact for security risk related concerns with internal stakeholders and third-party vendors and coordinate ongoing activities related to the definition, development, coordination, testing and maintenance of the Organization's Business Continuity Plans (BCP) and ITs Disaster Recovery Plans (DRP). Day-to-day responsibilities include partnering with the technology teams and vendors to ensure that product security requirements are evaluated and prioritized, and security best practices are part of the technology life cycle from beginning to end.**Education and Experience:*** Bachelor's degree (BS) in MIS, IT, Information Security, Risk Management or related field (MBA is a plus)* Seven (7+) years of information technology, information security, and risk, program or process management experience.**Minimum Knowledge, Skills and Abilities Requirements:*** Extensive experience working with information security practices, networks, software, and hardware.* Extensive background with hospital systems and programs.* Demonstrated experience in computer security combined with risk analysis, audit, and compliance standards.* Extensive knowledge with government regulations as they pertain to the healthcare industry.* Strong process oriented individual with experience in ITIL concepts, NIST, CIS CSC and/or HITRUST common security frameworks.* Experience with GRC framework and/or tools* Ability to communicate clearly and concisely (both written and verbal, presentation and interpersonal skills) required.* Demonstrated leadership and management experience* Ability to establish credibility and working relationships with a wide range of corporate personnel, including operations, management, executive and legal staff as well as external personnel, including auditors and regulators.* Excellent conceptual, organizational, analytical and problem-solving skills required.* Superior analytical, evaluative and problem-solving abilities.* Ability to present ideas in business-friendly and user-friendly language.* Exceptionally self-motivated, directed and detail-oriented.* Ability to set and manage priorities judiciously and accept responsibility willingly.* Be available on an on-call basis to respond to pending issues or problems arising during non-business hours and provide support and response.**License, Certification, and Requirements:*** CISSP, CISA or Other Senior Level Information Security Certification Preferred.* Project Management certification is a plus.