This job is with MSCI, an inclusive employer and a member of myGwork – the largest global platform for the LGBTQ+ business community. Please do not contact the recruiter directly.
Overview:Responsible for establishing, implementing, managing and operating an information technology security program that safeguards corporate and patient data processed, stored, and transferred using the organization's information processing resources. Oversees the strategic planning, architecture, design, and delivery of various enterprise technologies, services and applications, as well as the growth of the Identity and Access Management (IAM) and Privilege Access Management (PAM) goals. Responsible for leading the security incident response service; this includes responding to security incidents, investigating breaches, and implementing corrective action. Leads the company?s security intelligence and operations including cyber threat intelligence, threat detection and prevention, vulnerability management and security vendor management to include the Managed Security Services contracts. The Director of Information Security will work closely and collaboratively with organizational leaders, end users and external parties to ensure the organization is protected from existing and emerging threats. Directs a team of Engineers, Administrators, and Analysts responsible for delivering secure cost effective and highly reliable security processes, procedures and technologies including but not limited to, IPS/IDS, antivirus, firewalls, Data Leak Protection (DLP), encryption, secure file transfer, SPAM & malware filters, web content filters, SailPoint Identity Management, and user authentication. Overseeing the coordination development and support for EMR security access including Epic provider (SER) and employee (EMP) user accounts and role base access. Defines develops implements and manages security policies and practices to protect the organizations data including patient healthcare information while maintaining compliance with HIPAA HITECH security regulations, HITRUST Common Security Framework (CSF), and other applicable security regulations and standards, including NIST CSF and corporate policies. Provides information systems security guidance awareness and training and participates in customer security inspections and reviews. Coordinates information system security audits by both internal and external auditors; works with both Human Resources and Legal on eDiscovery, Litigation Holds and digital security investigations.Department Description:
Serving the community since 1961, WakeMed Health & Hospitals is the leading provider of health services in Wake County. With a mission to improve the health and well-being of our community, we are committed to providing outstanding and compassionate care. For more information, visit www.wakemed.org.
EOE
Licensure:Certified Information Systems Security Professional RequiredEducation:Master's Degree Information Systems Or Computer Science Or Related Field RequiredExperience:8 Years Information Technology - Data Security And 5 Years Management Required - And Healthcare Preferred