Chief Info Security Officer
- Requisition no: 503156
- Work type: Full Time
- Location: Medical Center
- School/Department: CUIMC IT
- Grade: Grade 108
- Categories: Information Technology
Reporting to the Chief Information Officer, the Information Security Officer will be in charge of policy, process and compliance aspects of Information Security at CUMC, providing leadership, strategic, and line management directions. The purpose of the position is to bring information security risks under control through management of information security. The Information Security Officer understands the health care business, understands what makes it successful, identifies the factors that can put that success at risk, and then finds ways of managing that risk through technical, operational or procedural safeguards.
- Coordinate the development and execution of effective information security programs – 25%
- Communicate complex risk issues to senior management. Participate as a member of Information Services Management, providing pertinent security information and input to strategic and tactical planning; budget preparation; initiatives and projects planning; internal and external reporting; and other management activities as required – 15%
- Understand the of balancing information security requirements and medical center mission, goal, and culture – 15%
- Provide direction and guidance to assure compliance with and training of security policies and regulations – 10%
- Manage the development and implementation of global information security policy, standards, guidelines and procedures to ensure ongoing maintenance of security – 10%
- Oversee the investigation of security breaches and assist with disciplinary and legal matters associated with such breaches as necessary – 10%
- Make recommendations on appropriate personnel, physical and technical security controls
- Coordinate the assessment of computer systems and network security risks: investigate and develop contingency plans by undertaking risk analysis, security investigations, surveys, and threat assessments – 10%
- Other duties as required 5%
- Bachelor's degree and/or equivalent in education and experience. Minimum 10 years related experience. Advanced degree desirable.
A background in technical IT activities such as IT architecture, development or operations, with a clear interest in information security. Experience in presentation of information security to diverse group of non-security professionals in academic medical center setting. Knowledge of health care regulations (HIPAA, ARRA, 21 CFR Part 11, etc.) and recent developments in health care IT.
- Type other requirements and/or special indicators if CUIMC
Equal Opportunity Employer / Disability / Veteran
Columbia University is committed to the hiring of qualified local residents.