Sanford Health

Lead IT Security Specialist - Risk Management | IT Security | Multi-City

Location
Sioux Falls, South Dakota
Salary
Join our team!
Posted
Nov 17, 2020
Ref
34047
Industry
Technology
Role
IT
Job Type
Long-Term

Sanford Health is one of the largest and fastest-growing not-for-profit health systems in the United States. We're proud to offer many development and advancement opportunities to our nearly 50,000 members of the Sanford Family who are dedicated to the work of health and healing across our broad footprint.
See yourself at Sanford!

Facility: Stevens Center Building

Location: Sioux Falls, SD

Address: 900 East 54th St N, Sioux Falls, SD 57104, USA

Shift: Day

Job Schedule: Full time

Weekly Hours: 40.00

Job Summary

The Lead IT Security Specialist is responsible for managing the day-to-day function for IT Risk Management. The lead security specialist will work closely with both IT and other stakeholders to ensure that Sanford has appropriate security policies, standards, and procedures which align with industry standard control frameworks including HIPAA and NIST. The lead security specialist will oversee risk assessments, security policies/standards, vendor risk, security metrics, and overall security program governance.
The lead security specialist is required to develop, implement, and maintain security policies, procedures, and guidelines. They are required to monitor and review security practices for compliance with the HIPAA and Sanford security standards. This includes in-depth audits and risk assessments of vendors and systems. They are required to oversee the day to day operation including providing direction of other staff with both formal instructions as well as mentorship. Will serve as the go to resource and subject matter expert for complex questions and issues around security governance and security policies. Responsibilities:
Work closely with the Director IT Security Governance, technology solutions leaders, and other stakeholders to develop a comprehensive security program that identifies risk and prioritizes risk reduction efforts
Assist Director with the development of long-term strategic security planning and budgeting
Direct periodic risk and threat assessments to provide a realistic overview of current and future risks and threats
Develop and manage security policies and standards aligning to industry best practices and Sanford’s business needs
Monitor and report on compliance with security policies, as well as the enforcement of policies within the IT department.
Develop key risk indicators and operational metrics to provide oversight of the effectiveness of current controls.
Assist and coordinate periodic internal and external audits
Provide guidance and mentorship to junior staff
Qualifications:
Bachelor’s degree in cyber security or an information technology related field. Master's degree preferred. Advanced security training is required.
Minimum seven years' experience working in Cyber Security preferred. Strong working knowledge of the information security standards and procedures including HIPPA.
Security Certifications are highly desired.
Additional Qualifications:
The ability to organize and lead meetings with technology solutions peers, leaders and other stakeholders.
The ability to understand complex technical concepts and translate that to non-technical users.
The ability to interact with Sanford personnel, build strong relationships across business units and organizations, and understand business imperatives.
Excellent communication skills including the ability to create presentations and deliver them to a variety of both technical and non-technical stakeholders.
A strong understanding of the business impact of security tools, technologies, policies, and practices.
Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the technology solutions organization, project and application development teams, management and business personnel
In-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls, an excellent understanding of information security concepts, protocols, industry best practices and strategies.
Familiarity with common industry standard security frameworks and health care industry compliance and regulatory requirements

Qualifications

Sanford is an EEO/AA Employer M/F/Disability/Vet.
If you are an individual with a disability and would like to request an accommodation for help with your online application, please call 1-877-673-0854 or send an email to talent@sanfordhealth.org .

Job Function: Information Technology

Req Number: R-34047

Featured: No

More searches like this