Location Site: Salem Hospital Main Campus
Department: SH IS Information Security
Position Type: Full Time
Start Time: 8:00
Pioneering healthcare since 1896, Salem Health is a top workplace offering highly competitive pay where you can make a difference in the lives of those in the community where you live. Through incorporation of Lean driven principles, staff are able effect change in the organization to solve problems, and drive continuous improvement.
As an employer of choice, we are devoted to assuring that we provide a safe, healthy, and patient-centric workplace, while keeping staff wellbeing and satisfaction top of mind.
We invite you to learn more about our wonderful community: There’s something about Salem, Oregon!
Your Role With Us:
The Manager, Information Security & Risk is the cornerstone of our cybersecurity program, leading security operations, data management, and identity management. This role requires a forward-thinking leader capable of developing staff expertise, driving process improvement, and facilitating cross-functional teamwork. The Information Security Manager will drive cybersecurity maturity, aligning standards with healthcare compliance requirements and safeguarding sensitive information. They will guide the selection and deployment of advanced security technologies, cultivate relationships with key organizational stakeholders, and offer expert counsel on emerging cyber threats. This position is vital in developing our cybersecurity infrastructure against evolving threats.
Responsibilities:
Maintains fundamental knowledge of area of responsibility. This knowledge should include both what work needs to be done as well as how the work will be done.
Provides management to team members and communicates the division’s direction and goals to functional areas. Uses HR systems for time tracking of staff, time-off, performance reviews, corrective action, hiring, and other HR processes.
Adheres to ITSM standards, coaches team members in making KPIs visible, and holds team members accountable for KPIs.
Fulfills IS Manager On-Call function for 1-week period on a rotating schedule. During this time, IS Manager will be available 24 hours per day for seven (7) days for major incidents related to any IS functional area.
Area Specific Functions:
Acts as Lean sensei and is responsible for team performance management, including identifying team performance gaps and development areas and fostering a culture of innovation, collaboration, and continuous learning. Designs and maintains Lean visibility board. Demonstrates use of visibility board in team huddles.
Responsible for establishing an Information Security program that ensures the confidentiality, integrity, and availability of organizational and patient data by providing oversight to the architecture design and delivery of enterprise systems and applications as well as the development of the Identity and Access Management (IAM) goals. Develops roadmaps for functional areas, including staffing needs and budgets.
Acts as the accountable leader oversees and supports the design planning, coordination, and implementation of various enterprise technologies and services, escalating barriers as needed, and tracking projects to completion. Technologies include but not limited to endpoint protection, network detection, cloud security, email filtering, SIEM, Data Leak Protection (DLP), encryption, secure file transfer, web content filters, identity access, and user authentication.
Work closely and collaboratively with IS managers, Corporate Integrity &Privacy officers, emergency preparedness, and other leaders across the organization to ensure the organization is protected from existing and emerging threats.
Assists the CISO in developing and implementing security policies, procedures, and guidelines to protect the organization’s data, including patient healthcare information, while maintaining compliance with HIPAA and aligning with industry-standard frameworks such as NIST, PCI, and other corporate policies. Work closely with stakeholders to address any compliance issues and implement corrective measures.
Provide strategic guidance regarding the security needs of Community Connect partners and other business and community partners. Accountable for ensuring the security of Salem Health systems connected with external entities and ensuring patient data is protected in transit between entities.
Total Rewards Offerings:
Salem Health's comprehensive benefits package prioritizes your mental and physical health, financial stability, family obligations and professional growth.
Relocation assistance available for qualified positions
Full comprehensive medical, dental, and vision plans
Basic and voluntary life insurance
Short and long-term disability
Live Well Wellness Program
Employee Assistance Program (EAP)
401(K) retirement plan with employer contributions.
Generous paid time off (PTO) accrual and holiday pay
Onsite fitness center with 24/7 badge access
Education assistance program
Public service loan forgiveness (PSLF) eligible employer https://studentaid.gov/
Food and drink discounts in the cafeteria.
Impressive discounts offered by Nike, Adidas, Carhartt and others.
Background/Expertise:
Experience:
Minimum of three (3) years of progressive leadership required.
Minimum of five (5) years of professional experience with Information Services, Healthcare or related experience; at least two (2) of those years must be in Information Security. A maximum of one (1) year of Information Security experience can come from well-respected security-related higher-level certifications such as CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional) or SANS GIAC Certifications e.g. (GSLC ( GIAC Security Leadership) and GCIH (GIAC Certified Incident Handler).
Education:
Bachelor Degree - Bachelor’s degree in Computer Science or related field required.
Masters Degree - MBA, MHA, or Finance or other applicable focus, preferred.
Licenses/ Certification/ Registration:
One or more Information Security certifications CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional) or SANS GIAC Certifications e.g. (GSLC ( GIAC Security Leadership) and GCIH (GIAC Certified Incident Handler)
Special knowledge, skills, & abilities:
In-depth knowledge of healthcare-specific security regulations and standards, such as HIPAA, HITECH, and HITRUST
Ability to perform as primary Subject Mater Expert (SME) as it relates to Information Security Operations.
Strong decision-making skills under pressure and ability to communicate effectively with stakeholders during incidents.
Ability to stay current on industry trends, regulations, and emerging threats.
Excellent verbal communication and public speaking skills, with the ability to effectively present to groups.
Strong prioritization and time management skills, able to navigate frequent interruptions and reprioritize workflows as needed.
Critical thinking with strong problem-solving skills.
Ability to create, implement, and monitor plans.
Strong leadership skills, including excellent interpersonal abilities, and the capacity to motivate, mentor, and develop team members.
Experience in setting performance goals, conducting performance evaluations, and providing constructive feedback.
Excellent organizational skills and the ability to adapt quickly to changing priorities.
Demonstrated ability to foster a collaborative and inclusive environment, effectively collaborating and negotiating with various stakeholders across multiple organizational levels.
Creativity, initiative, and integrity.
Salem Health Hospitals and Clinics is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, gender, gender identity, sexual orientation, age, national origin, disability, veteran status, genetic information, or any other status or condition protected by law.
Salem Health Hospitals and Clinics is committed to providing access, equal opportunity and reasonable accommodation for applicants. If reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact my.recruiter@salemhealth.org
preferred.