Sr. Cybersecurity Administrator
Do you want to use your Cybersecurity and Engineering expertise and skills to indirectly help conquer cancer and make a difference in the world?
Cancer strikes more than 10 million people worldwide each year. As the leading medical society representing doctors who care for people with cancer, the American Society of Clinical Oncology (ASCO) is committed to conquering cancer though research, education, and promotion of the highest quality patient care.
Who we are:
ASCO is a stable, forward-thinking, growing membership organization that operates in a results-oriented work environment in which employees’ evaluation emphasizes performance outcomes over presence or time. This is an Alexandria, VA position that offers an excellent benefits package and opportunities to participate in professional development programs. To learn what it’s like to work at ASCO, visit www.asco.org/jobs.
Who we are looking for:
The American Society of Clinical Oncology (ASCO) has an exciting opportunity for an experienced and highly-motivated Sr. Cybersecurity Administrator to lead and manage cybersecurity efforts in support of CancerLinQ™. This system, (www.cancerlinq.org), aggregates data from the routine care experience of cancer patients to improve the quality of care and health outcomes of all patients with cancer.
What you will do:
- Manage and oversee the design, development, implementation, and maintenance of security tools, dashboards, cybersecurity, and risk management while using strategic and planning skills to develop processes, improvements, and strategies
- Monitor, troubleshoot, and manage networking and systems protection strategies including cross-functional development of workflows, and systems. Monitor application and network vulnerabilities for potential security concerns while anticipating unmet customer needs and outcomes; develop mitigation strategies; and execute mitigation tactics.
- Lead and oversee responses to security incidents. The Sr. Cybersecurity Administrator must be able to analyze and determine the root cause and impact of vulnerabilities and threats, apply defensive action to protect and defend organization systems, and communicate with stakeholders and third parties to coordinate the organization’s response.
- Oversee and manage the relationship with the organization and third-party vendors, including managed security, cloud hosting, and others regarding firewalls, IDS/IPS, antivirus, secure file transfer, and other related matters.
- Develop, review and analyze audit reports from systems hosting sensitive data (i.e. personal information including, but not limited to, protected health information and other personally-identifiable information). Assist with annual comprehensive risk assessment to ensure compliance with HIPAA/HITECH.
What you will need in order to be successful:
- A minimum of six years working experience with privacy and security compliance, preferably in the healthcare industry
- Bachelor’s degree in computer science, or related field
- Knowledge of and experience with state data breach laws and cybersecurity frameworks; knowledge of HIPAA and HITECH being a plus
- Basic programming skills to develop XML or SQL-based queries to generate audit trail
- Experience using HANA Studio or a similar program to conduct audits
The ideal candidate will also possess:
- An advanced degree in computer science, or a related field
- Data Security Certification(s) (CISSP, CITM, HCISSP,CCFP, CISM, CISA, GIAC, or similar)
- Familiarity with NIST guidance on security risk management, including the Cybersecurity Framework
- Familiarity with HITRUST Common Security Framework
- Familiarity with the National Healthcare and Public Health Information Sharing and Analysis Center
ASCO is proud to be an Equal Opportunity Employer (EOE)