Our Lady of the Lake Regional Medical Centerposted 2 months ago
Full-time - Mid Level
Baton Rouge, LA
Hospitals
About the position
The IS Security Program Manager provides expertise in Information Security to ensure compliance with applicable policies, security, and privacy standards, and state and federal laws and regulations. Evaluates the effectiveness of information security controls, prepares risk assessments and compliance gaps, and reports on findings. Assists Information Security management in large projects, PCI compliance, NIST standards, documentation of metrics, and policy management.
Responsibilities
- Supports and integrates FMOLHS IS Security risk strategy, goals and decisions into the day-to-day operations of the department.
- Assists the director by developing and recommending appropriate information security policies, standards, procedures, checklists, and guidelines using generally-recognized security concepts tailored to meet the requirements of the organization.
- Plans, prioritizes, and assists security managers in the work of team members in order to meet established goals and objectives, provide timely and communicate regularly with other teams and staff as part of risk assessments, follow-up on open issues, status tracking, and other miscellaneous items.
- Partners with business, technical, and compliance resources in support of customer related security and compliance activities. Identifies and documents specific security issues, propose resolution options, and interprets matters from the perspective of involved stakeholders.
- Assists in planning and management of security audits and penetration tests whether they are carried out by consultants or on-site employees.
- Develops and implements data driven performance improvement methodologies. Maintains accurate records for use in evaluating organizational performance. Identifies ways of improving current services and consults with management on issues and problems.
- Ensures security, integrity, and privacy of FMOLHS data in conjunction with FMOLHS policies and procedures.
- Assists in the collection and storage of security policies.
- Creates and assist in cyber security contract language.
- Creates and manages security annual education and partnering with marketing to ensure all employees are trained effectively.
- Assists in the project plan and implementation for PCI Compliance initiatives.
Requirements
- 5 years experience IS security or related field with at least 2 years experience in an IS leadership or project management role
- Bachelor's Degree in Computer Science, Information Technology, Business Administration or related field
- Proficient in Microsoft Word, Excel, Outlook, Visio and PowerPoint
- Proficient in NIST standards
