Responsible for leading risk assessment initiatives of internal and external applications/solutions to determine their adherence to Piedmont’s Policies, Standards and industry best practices. Leading the development, implementation and management of all activities related to Piedmont Healthcare System’s Information Security Governance, Risk and Compliance Program. Develops enterprise information security policies, technical standards, guidelines, and procedures necessary to support information security in compliance with established company policies, regulatory requirements, and generally accepted information security controls.
Qualifications
MINIMUM EDUCATION REQUIRED:
Bachelor’s degree in Information Security or related field required. In lieu of degree, four (4) years of relevant work experience will be accepted in addition to the experience requirement.
MINIMUM EXPERIENCE REQUIRED:
Four (4) years of experience in Information Security or a closely related field involving security standards and regulations (such as HIPAA, PCI-DSS 3.2, ISO 27001, HITRUST and NIST) with a solid understanding of network security protocols and methodologies. (If no degree, a total of eight (8) years of experience required.)
MINIMUM LICENSURE/CERTIFICATION REQUIRED BY LAW:
None.
ADDITIONAL QUALIFICATIONS:
Certified in one or more of the following area(s): Certified Information Systems Security Professional (CISSP), Healthcare Certified Information Security and Privacy Professional (HCISPP), GIAC Security Essentials Certified (GSEC), Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Auditor (CISA) or equivalent certification. Strong project management skills with leadership experience in an IT Support Organization preferred.