Trinity Health REGIONAL INFO SEC MGR in Newtown Square, Pennsylvania
Provides oversight of the information systems security operations and initiatives in an assigned region within the Trinity Health organization.
Works under the leadership of the Director – RHM Information Security to develop recommendations for operations leadership, and implements and maintains Trinity Health’s approach to information security in an effective and efficient manner that is both balanced and consistent with the mission, values, and operating goals of Trinity Health.
Assists and supports the Director – RHM Information Security in ensuring all projects and services meet Trinity Health Information security and regulatory standards, policies and procedures while delivering business requirements. Performs risk analysis on new projects, security exceptions, and audit issues.
Provides governance responsibilities over the security operations of outsourcer vendor(s), infrastructure Third Party Partners (TPP) and Cloud service providers.
Acts as an advocate and resource on information security for various Regional Health Ministry areas and/or system-wide initiatives (EMR, patient satisfaction surveys, etc). Assists business owners of various information resources in fully addressing security issues.
Knows, understands, incorporates and demonstrates the Trinity Health Mission, Vision and Values in behaviors, practices and decisions.
Functions as the primary contact for Information Security in assigned region. Advises TIS and Regional Health Ministry (RHM) leadership on enterprise security strategy, security architecture, and security design work; works with business stakeholders to define Information Security processes. Works collaboratively with other Senior Security Managers and the Security Officials to standardize information security industry best practices. Represents the Director – RHM Information Security, when applicable, on Information Security matters and serves as Information Security liaison with RHM Security and Privacy Officials. Reports regularly to the regional RHMs' senior management regarding the status of compliance and mitigation of information security issues identified. Participates in site-specific meetings. Participates in the development and promotion of Information Security information for general awareness. Develops and implements RHM-specific security policies, procedures, and processes within the assigned region. (Policies and standards will be consistent with Trinity Health policies and standards and national regulations.) Monitors or enforces security policies, procedures and standards to ensure conformance with TIS objectives. Participates in the development and implementation of annual RHM security objectives and tactical plans to achieve strategic planning initiatives. Responsible for the prioritization of infrastructure investments and maintenance involving IT security. Conducts security risk assessments and the identification and mitigation of vulnerabilities. Performs assessments of vulnerabilities, security alerts, controls, and threats to define the risk landscape. Develops and proposes strategies and plans to mitigate identified risks. Recommends and obtains approval for Security Exceptions with emphasis on least cost with minimum risks. Responds to audit points and tracks to resolution.
Develops and provides oversight of the user access control systems by providing controls, processes, and procedures to prevent unauthorized access, modification, disclosure, or destruction of Trinity Health information. Establishes and administers processes to positively identify all users, devices, applications and services prior to being able to use any Trinity Health application or system. Provides oversight and assistance in the resolution of reported security incidents. Coordinates activity with the RHM Security Official and Privacy Official, where applicable. Responsible for the oversight of security support staff, which includes hiring, evaluation, training and assignment of work. Interfaces with Legal in response to inquiries from governmental agencies (i.e., the Office for Civil Rights (OCR) and others), Joint Commission, Legal Services Group (LSG), MBO and CHI management relative to any compliance reviews or investigations within assigned region. Other duties as assigned. Maintains a working knowledge of applicable Federal, State and local laws and regulations, Trinity Health Corporate Integrity Program, Code of Ethics, as well as other policies and procedures in order to ensure adherence in a manner that reflects honest, ethical and professional behavior. Other responsibilities as assigned.
Bachelor’s degree or an equivalent combination of education and experience.
Minimum of seven (7) years of progressive experience in information services including five (5) years in information security, including experience in compliance with federal and state security regulations.
Certified Information Systems Security Professional (CISSP), International Social Security Association (ISSA) or Certified Information Systems Auditor (CISA), preferred. May substitute an equivalent combination of education and experience.
Must possess a good understanding of enterprise security best practices relating to implementing and managing enterprise security solutions.
Strong knowledge of HIPAA, ISO 27001/2, FISMA, FIPS, and NIST security.
Ability to apply advanced technical knowledge and analytical skills within information security using diverse technologies in a complex security environment.
Must be team oriented, supportive, and committed to excellence and possess a high level of initiative and self-motivation with demonstrated work ethic.
Must be committed to continual personal and professional growth, possess a pro-active approach with a willingness to “go the extra mile” every time for the customer.
Ability to work independently, manage multiple priorities and to effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects and work load.
A personal presence which is characterized by a sense of honesty, integrity and caring with the ability to inspire and motivate others to promote the philosophy, mission, vision, goals and values of Trinity Health.
Job Number: 00076148
Location: Newtown Square, PA
Organization Name: Trinity Health
Facility: SO - System Office - Newtown Square
Employment Type: Full time
Shift: Day Shift