Job Title: Information Security Officer
Position Accountabilities:
• The delivery of quality service and positive interaction with DAF customers is critical to the completion of all the tasks within this job description.
• Participates in the development, documentation, communication, testing, and periodic review and revision of business continuity and disaster recovery plans.
• Provide for training on specific-security issues for various communities of the hospital.
• Develop and maintain an IT security policy for the hospital, working with the appropriate executive committees.
• Develop and follow an audit plan for assessing security risks in the hospital and medical school units.
• Perform security audits, monitor compliance, perform risk and vulnerability assessments of hospital information systems.
• Present audit findings to hospital administration.
• Monitors and assures that policies and procedures related to accuracy, integrity, confidentiality and security are followed by project team members and departmental personnel in the implementation and maintenance of information systems.
• Develop and maintain system agreements with appropriate staff to ensure confidentiality and security.
• Participate on hospital and relevant committees in regard to system and data security as necessary.
• Liaison with the IT manager to keep hospital management informed of information and security issues and practices.
• In occasions where security breaches might occur involving systems within the hospital, assist physical and technical staff in understanding the source of the attack, in assessing and containing damage and in devising measures that will help protect against such events in the future.
• Train incident response IT team. Maintain a database of intrusions and incidents, tracking the cost of intrusions.
• Ensure the compliance with governmental regulations and accreditation requirements.
• Maintain security documentation as required for outside regulatory entities.
• Works closely with system, network, physical and PC support team in securing hospital and patient information.
• Keep abreast of security related technology, practices and regulations in the marketplace.
• Develop and maintain the IT security program for the hospital, based on an understanding of current and future technologies and the current state of IS Security.
• Develop with administration strategic enterprise wide plans for security policies, practices, and technology enhancement.
• Develop security architecture for the hospital, including hardware and software components, definition of the network perimeter and catalog of information resources and assets.
• Performs other related duties as assigned or requested.
Minimum Education:
• D.S. in computer science, electrical engineering, or a related filed.
• CISA, CISSP certification if preferred.
Minimum Education:
• Six years progressively responsible systems security experience specific to developing, implementing and monitoring security systems.
Preferred field-of-Expertise:
• Hospital and clinical information systems security.
Interested candidates are requested to send your updated CV to:
careers.2013@live.com with #ISO# in the subject line