Business Information Security Officer-Research

7 days left

Location
Silver Spring, Maryland-Silver Spring
Posted
Feb 09, 2021
Closes
Mar 16, 2021
Ref
210000DE
Function
Analyst, Research
Industry
Healthcare
Hours
Full Time
Your north star: collaborate with the business unit in managing information risk and implementing information security controls to protect Children's National from cyber-attacks.

Position summary
The Business Information Security Officer (BISO) will oversee the full scope of security efforts across the business unit. Working in collaboration with the Research leadership, Chief Research Information Officer, business and IT leaders, the BISO will review projects, architectures, information security controls, risk management plans and identify gaps and enhancements to close those gaps. We are seeking a dynamic security leader who excels at taking ownership over challenges and implementing novel solutions. She or he is a doer who is equally comfortable collaborating with business partners, balancing tradeoffs that affect organizational security risk posture, mentoring junior staff, influencing colleagues, and rolling up his/her sleeves and executing.

Qualifications

Minimum Education
Bachelor's Degree (Required)
Master's Degree (Preferred)

Specific Requirements and Preferences
Bachelor's degree in a computer science, math, engineering or another relevant discipline (Required)
Advanced degree (MS, MBA) preferred (Preferred)

Minimum Work Experience
10+ years of experience in information technology (Required)
4+ years of experience in cybersecurity with a focus on risk analysis and mitigation (Required)

Required Skills/Knowledge
Knowledge of relevant security standards and best practices
Experience managing cybersecurity and technology risk, preferably in a healthcare organization
electing, deploying, integrating, and tuning a wide array of security technologies and solutions,
Background in securing academic or hospital institutions, and collaborating with business owners
Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences
Familiarity with architectural solutions to meet compliance requirements, including but not limited to: HIPAA/HITECH, NIST SPs, FIPS, FedRAMP, payment card industry standards, and global data privacy requirements

Functional Accountabilities

Core areas of responsibility that fall under this role include:
1. Analyzing attack vectors and developing solutions for emerging threats
2. Defining cybersecurity program metrics that align to standard frameworks and best practices
3. Ensuring alignment between security standard and business needs
4. Performing risk assessments of existing or new services, technologies, and vendors
5. Advising the CISO, stakeholders, and partners on systemic risk management issues and specific risk management recommendations
6. Owning the cybersecurity implementation projects and identifying requirements needed to meet our security and risk management objectives
7. Tracking current and emerging security threats and designing security solutions to mitigate them

Organizational Accountabilities
To be successful in this role you will need to be:
1. A team player who excels at supporting colleagues and focusing on shared results
2. An innovator who knows what it takes to execute and has a history of setting and meeting ambitions goals
3. A highly dependable "doer" who can work with little supervision while being resilient to change
4. A good listener who can check your ego at the door, allowing you to receive and provide candid feedback and criticism
5. Kind
6. An individual of high personal integrity who is able to act calmly in high-pressure and high-stress situations

Organizational Accountabilities (Staff)
Organizational Commitment/Identification
1. Anticipate and responds to customer needs; follows up until needs are met
Teamwork/Communication 1. Demonstrate collaborative and respectful behavior
2. Partner with all team members to achieve goals
3. Receptive to others' ideas and opinions
Performance Improvement/Problem-solving 1. Contribute to a positive work environment
2. Demonstrate flexibility and willingness to change
3. Identify opportunities to improve clinical and administrative processes
4. Make appropriate decisions, using sound judgment
Cost Management/Financial Responsibility 1. Use resources efficiently
2. Search for less costly ways of doing things
Safety 1. Speak up when team members appear to exhibit unsafe behavior or performance
2. Continuously validate and verify information needed for decision making or documentation
3. Stop in the face of uncertainty and takes time to resolve the situation
4. Demonstrate accurate, clear and timely verbal and written communication
5. Actively promote safety for patients, families, visitors and co-workers
6. Attend carefully to important details - practicing Stop, Think, Act and Review in order to self-check behavior and performance

Childrens National Hospital is an equal opportunity employer that evaluates qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender, identity, or other characteristics protected by law.

Similar jobs