| Position Summary |
Positions in this job family provide direction and support for computer-based information and communication systems. Work performed in this job family is related to technical support, programming and development, database administration, network communications and administration, and systems analysis. Typical functions include distributed computing, computer hardware/software, computer networking, telecommunications (voice & data), systems development, programming, computer installation and maintenance, operations, web development/design, desktop support, systems security, etc.
DUTIES
Responsible for coordinating and leading information technology security activities across Morehouse School of Medicine (MSM) and Morehouse Healthcare (MHC).
Accountable for four principal functions: information technology (IT) risk management, IT security policies, IT security awareness, and IT security architecture.
Develops and monitors information technology security practices to ensure the institution’s information and technology infrastructure is secure from unauthorized access, protected from inappropriate alteration, physically secure, and available to authorized users in a timely fashion.
Supports the Chief Information Officer (CIO) in annual reporting to the Executive Office on the effectiveness of the institution’s information technology security program, including progress of remedial actions.
KNOWLEDGE – SKILLS – ABILITIES
Extensive knowledge of current and upcoming IT security technologies and techniques that cover all levels of IT architecture, including those that affect business processes, data, applications, and network and systems infrastructure, and their effects on a diverse computing environment
Knowledge of relevant law, guidance and policy, such as the Family Educational Rights and Privacy Act (FERPA), Health Insurance Portability Accountability Act (HIPAA), Gramm-Leach-Bliley (GLB) Act, Communications Assistance for Law Enforcement Act (CALEA) and others.
Knowledge of the various industry and government strategies and standards in privacy and security, including Information Technology Infrastructure Library (ITIL), Control Objectives for Information and related Technology (COBIT), International Organization for Standardization (ISO), US National Institute for Standards and Technology (NIST), and others where applicable.
Knowledge of computer based patient record systems and various protocols relative to privacy and confidentiality of health information is preferred.
Extensive experience in TCP/IP networking, intrusion detection systems, firewalls, virtual private networks, access controls, encryption techniques, IT security solution deployment strategies and management, and vulnerability assessments.
Supervisory Responsibilities
Supervises other employees within the department.
|