Director information Security, Chief Information Security Officer (Remote)

Martin's Point Health Care - Malvern, AR

posted 3 months ago

Full-time - Senior
Remote - Malvern, AR
Insurance Carriers and Related Activities

About the position

Join Martin's Point Health Care, an innovative, not-for-profit health care organization dedicated to providing care and coverage to the people of Maine and beyond. As a part of our team, you will be joining a mission-driven organization focused on transforming the health care system while fostering a healthier community. Our employees thrive in a culture of trust and respect, where our core values of taking care of ourselves and others, continuous learning, collaboration, and enjoyment are lived out daily. Since 2015, Martin's Point has been recognized as a 'Great Place to Work', and we invite you to discover why. The Director of Information Security, who also serves as the Chief Information Security Officer (CISO), is responsible for the development and delivery of a comprehensive information security and privacy program across the organization. This program encompasses all forms of information, including electronic and print formats, and aims to ensure that all information created, acquired, or maintained by Martin's Point Health Care (MPHC) is utilized according to its intended purpose. The role is crucial in protecting MPHC's information and infrastructure from both internal and external threats, driving the adoption of the Business Continuity Management/Disaster Recovery (BCM/DR) program, and ensuring compliance with statutory and regulatory requirements regarding information access, security, and privacy. In compliance with MPHC's Department of Defense government contract, candidates for this position must verify their US citizenship and complete the required employment eligibility verification upon hire. The Director will coordinate the development of MPHC's information security policies, standards, and procedures, serving as the corporate compliance officer regarding state and federal information security policies and regulations. This role involves collaboration with key IT offices, data custodians, and governance groups to ensure that corporate policies align with external requirements. The Director will also oversee the dissemination of these policies and coordinate the development and delivery of an education and training program on information security and privacy for employees and authorized users, covering topics such as PCI, HIPAA Privacy & Security, and DoD regulations. Additionally, the Director will develop and implement incident reporting and response systems to address security incidents or breaches, respond to policy violations, and collaborate with compliance leadership to provide oversight for all information security policies and guidelines. The role requires keeping abreast of the latest security and privacy legislation and managing vendors and consultants associated with security. The Director will also mentor and coach security staff, provide consultation to management on security practices, and lead continuous process improvement efforts within the team.

Responsibilities

  • Coordinate the development of MPHC information security policies, standards, and procedures.
  • Serve as the corporate compliance officer for MPHC state and federal information security policies and regulations.
  • Work with key IT offices, data custodians, and governance groups in policy development.
  • Ensure corporate policies support compliance with external requirements.
  • Oversee the dissemination of policies, standards, and procedures throughout the organization.
  • Coordinate the development and delivery of an education and training program on information security and privacy matters for employees and authorized users.
  • Develop and implement Incident Reporting and Response Systems for security incidents and breaches.
  • Collaborate with MPHC Compliance senior leadership to develop and provide oversight for information security policies and guidelines.
  • Ensure the security department has the correct technical skill set for current and future needs.
  • Initiate and support LEAN process improvement initiatives.
  • Participate in the leadership of the Information Technology team.
  • Stay updated on the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities.
  • Responsible for MPHC BCM/DR strategy development and recovery planning with guidance from the CIO and IT Management Team.
  • Lead and direct the daily work of the security department.
  • Manage vendors, consultants, and outside contacts associated with Security.
  • Build and develop the Information Security Program for all lines of business.
  • Provide mentoring and coaching to members of the security staff in security disciplines.
  • Consult with all levels of management regarding appropriate use of security at MPHC.
  • Provide leadership for continuous process improvement efforts within the team.

Requirements

  • Bachelor's Degree in a related field or a combination of relevant education and experience (Master's Degree preferred).
  • 10+ years of relevant IT security experience, including management and leadership experience in an information technology department.
  • Working knowledge of and experience in the policy and regulatory environment of information security, especially in healthcare, government, or health insurance.
  • Experience in developing and administering information security programs is required.
  • Project ownership experience is necessary.
  • Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) is highly desired.

Nice-to-haves

  • Strong technical management and leadership skills.
  • Successful track record with management of technical teams delivering timely and specification-compliant technology solutions.
  • Ability to rapidly assess situations, develop alternatives, and make sound decisions based on evidence.
  • Knowledge of best practices in healthcare security and understanding of company objectives.
  • Effective team leader and builder.
  • Budgeting and contract negotiation experience.

Benefits

  • Competitive salary and benefits package.
  • Opportunities for continuous learning and professional development.
  • A supportive and collaborative work environment.
  • Health and wellness programs.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service