Chief Information Security Officer

Job Level
Senior position
Job Category
C Level
  • Information Technology
Job Status
Areas of Responsibility
  • Network / Systems
Position Summary

Positions in this job family provide direction and support for computer-based information and communication systems. Work performed in this job family is related to technical support, programming and development, database administration, network communications and administration, and systems analysis. Typical functions include distributed computing, computer hardware/software, computer networking, telecommunications (voice & data), systems development, programming, computer installation and maintenance, operations, web development/design, desktop support, systems security, etc.

Responsible for coordinating and leading information technology security activities across Morehouse School of Medicine (MSM) and Morehouse Healthcare (MHC). 
Accountable for four principal functions: information technology (IT) risk management, IT security policies, IT security awareness, and IT security architecture. 
Develops and monitors information technology security practices to ensure the institution’s information and technology infrastructure is secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to authorized users in a timely fashion.
Supports the Chief Information Officer (CIO) in annual reporting to the Executive Office on the effectiveness of the institution’s information technology security program, including progress of remedial actions.

Extensive knowledge of current and upcoming IT security technologies and techniques that cover all levels of IT architecture, including those that affect business processes, data, applications, and network and systems infrastructure, and their effects on a diverse computing environment
Knowledge of relevant law, guidance and policy, such as the Family Educational Rights and Privacy Act (FERPA), Health Insurance Portability Accountability Act (HIPAA), Gramm-Leach-Bliley (GLB) Act, Communications Assistance for Law Enforcement Act (CALEA) and others.
Knowledge of the various industry and government strategies and standards in privacy and security, including Information Technology Infrastructure Library (ITIL), Control Objectives for Information and related Technology (COBIT), International Organization for Standardization (ISO), US National Institute for Standards and Technology (NIST), and others where applicable. 
Knowledge of computer based patient record systems and various protocols relative to privacy and confidentiality of health information is preferred.
Extensive experience in TCP/IP networking, intrusion detection systems, firewalls, virtual private networks, access controls, encryption techniques, IT security solution deployment strategies and management, and vulnerability assessments.

Supervisory Responsibilities
Supervises other employees within the department.

Minimum Qualifications

Education: Bachelor’s Degree or higher.

Experience: 10 years of experience in senior information security or information technology positions or a combination of education, training or experience. Health Information experience preferred.
CISSP (Certified Information Systems Security Specialist) or other related security accreditation/certification is required.

Preferred Qualifications  
Posting Date 10/15/2018
Closing Date  
Open Until Filled Yes
Special Instructions to Applicants

No Staffing or Recruitment Agencies