WakeMed
Director Information Security
WakeMed, Raleigh, North Carolina, United States, 27601
About WakeMed:Serving the community since 1961, WakeMed Health & Hospitals is the leading provider of health services in Wake County. With a mission to improve the health and well-being of our community, we are committed to providing outstanding and compassionate care. For more information, visit www.wakemed.org.EOE
Position Information:Responsible for establishing, implementing, managing and operating an information technology security program that safeguards corporate and patient data processed stored and transferred using the organization's information processing resources. Oversees the strategic planning architecture design and delivery of various enterprise technologies services and applications as well as the growth of the Identity and Access Management (IAM) and Privilege Access Management (PAM) goals. Responsible for leading the security incident response service; this includes responding to security incidents investigating breaches and implementing corrective action. Leads the company's security intelligence and operations including cyber threat intelligence threat detection and prevention vulnerability management and security vendor management to include the Managed Security Services contracts. The Director of Information Security will work closely and collaboratively with organizational leaders, end users and external parties to ensure the organization is protected from existing and emerging threats. Directs a team of Engineers Administrators and Analysts responsible for delivering secure cost effective and highly reliable security processes procedures and technologies including but not limited to IPS/IDS antivirus firewalls Data Leak Protection (DLP) encryption secure file transfer SPAM & malware filters web content filters SailPoint Identity Management and user authentication. Overseeing the coordination development and support for EMR security access including Epic provider (SER) and employee (EMP) user accounts and role base access. Defines develops implements and manages security policies and practices to protect the organizations data including patient healthcare information while maintaining compliance with HIPAA HITECH security regulations HITRUST Common Security Framework (CSF) and other applicable security regulations and standards including NIST CSF and corporate policies. Provides information systems security guidance awareness and training and participates in customer security inspections and reviews. Coordinates information system security audits by both internal and external auditors; works with both Human Resources and Legal on eDiscovery Litigation Holds and digital security investigations.
Experience Requirements:8 Years Information Technology - Data Security And 5 Years Management Required - And Healthcare Preferred
Education Required:Master's Degree Information Systems Or Computer Science Or Related Field Required
Licensure/Certification Requirements:Certified Information Systems Security Professional Required
Hours of Work:Monday-Friday 8:00am-5:00pm
Weekend Requirements:As Needed
Call Requirements:As Needed#J-18808-Ljbffr
Position Information:Responsible for establishing, implementing, managing and operating an information technology security program that safeguards corporate and patient data processed stored and transferred using the organization's information processing resources. Oversees the strategic planning architecture design and delivery of various enterprise technologies services and applications as well as the growth of the Identity and Access Management (IAM) and Privilege Access Management (PAM) goals. Responsible for leading the security incident response service; this includes responding to security incidents investigating breaches and implementing corrective action. Leads the company's security intelligence and operations including cyber threat intelligence threat detection and prevention vulnerability management and security vendor management to include the Managed Security Services contracts. The Director of Information Security will work closely and collaboratively with organizational leaders, end users and external parties to ensure the organization is protected from existing and emerging threats. Directs a team of Engineers Administrators and Analysts responsible for delivering secure cost effective and highly reliable security processes procedures and technologies including but not limited to IPS/IDS antivirus firewalls Data Leak Protection (DLP) encryption secure file transfer SPAM & malware filters web content filters SailPoint Identity Management and user authentication. Overseeing the coordination development and support for EMR security access including Epic provider (SER) and employee (EMP) user accounts and role base access. Defines develops implements and manages security policies and practices to protect the organizations data including patient healthcare information while maintaining compliance with HIPAA HITECH security regulations HITRUST Common Security Framework (CSF) and other applicable security regulations and standards including NIST CSF and corporate policies. Provides information systems security guidance awareness and training and participates in customer security inspections and reviews. Coordinates information system security audits by both internal and external auditors; works with both Human Resources and Legal on eDiscovery Litigation Holds and digital security investigations.
Experience Requirements:8 Years Information Technology - Data Security And 5 Years Management Required - And Healthcare Preferred
Education Required:Master's Degree Information Systems Or Computer Science Or Related Field Required
Licensure/Certification Requirements:Certified Information Systems Security Professional Required
Hours of Work:Monday-Friday 8:00am-5:00pm
Weekend Requirements:As Needed
Call Requirements:As Needed#J-18808-Ljbffr