Information Security Officer

Location
Fort Worth, TX
Posted
Apr 11, 2017
Institution Type
Four-Year Institution

POSITION INFORMATION

Requisition Number
5147

Job Title
Information Security Officer

Department
Office of the CIO - 370000

Quick Link
www.unthscjobs.com/applicants/Central?quickFind=59851

Shift
Day

Department Overview
The Office of the CIO's mission is to provide exceptional services, secure infrastructure, and innovation in the delivery of information technology products and services to enable and empower staff, faculty, and students in the journey of continuous improvement.

Position Details
The Office of the CIO at the University of North Texas Health Science Center (UNTHSC) is seeking to hire an Information Security Officer to join the team.

Under the general direction of the CIO, the Information Security Officer (ISO) will be responsible for the development and delivery of a comprehensive information security program at UNTHSC. The scope of the security program is University-wide and includes regulatory compliance requirements across State of Texas, HIPAA, FERPA and other applicable Federal & State regulations.

This role requires a strong, knowledgeable leader that can provide Information Security vision, strategy, planning and hands-on responsibility as the Information Security Officer and HIPAA Security Officer for UNTHSC.

Responsibilities of the position include but are not limited to:

* Responsible for the strategic leadership of UNTHSC's information security program.
* Manage organization-wide information security governance processes.
* Chair the information security governance committee.
* Lead information security planning processes to establish a comprehensive information security program that supports academic research, clinical information systems, and technology.
* Establish annual and long-range security and compliance goals.
* Define security strategies, metrics, reporting mechanisms and program services.
* Create maturity models and a roadmap for continual program improvements.
* Design and implement a UNTHSC-wide information security risk management program.
* Provide leadership, direction and guidance in assessing and evaluating information security risks.
* Monitor compliance with security standards and appropriate policies.
* Keep abreast of security incidents and act as primary coordinator during significant information security incidents.
* Convene a Security Incident Response Team as needed, in addressing and investigating security incidences that arise.
* Coordinate the development of UNTHSC information security policies and standards.
* Ensure that information security related policies support compliance with external regulatory requirements.
* Oversee the dissemination of policies, standards, and procedures to the UNTHSC community.
* Provide oversight to design, build, maintain and monitor UNTHSC's information security technical controls and defense mechanisms.
* Play lead role to respond and engage with internal and external audits.
* Oversee post audit remediation work.

The University of North Texas System is firmly committed to equal opportunity and does not permit - and takes actions to prevent - discrimination, harassment (including sexual violence), and retaliation on the basis of race, color, religion, national origin, sex, sexual orientation, gender identity or expression, age, disability, family status, genetic information, citizenship or veteran status in its application and admission processes, educational programs and activities, facilities, and employment practices. The University of North Texas System immediately investigates and takes remedial action when appropriate.

The University of North Texas System also takes actions to prevent retaliation against individuals who oppose a discriminatory practice, file a charge, or testify, assist or participate in an investigative proceeding or hearing.

Required Qualifications
The successful candidate will possess the following required qualifications:
* Bachelor's degree from a four-year college or university.
* 7 years in information technology or an IT related field (e.g. IT Audit) with at least 4 years of direct information security related experience.
* In depth knowledge of HIPAA specifically, as well as government and other regulations related to information security.
* At least one industry accepted security or IT control certification (CISSP, CISM, CRISC, or CISA).

Special Instructions to Applicants
Applicants must submit a resume and a cover letter with their online application.

Pay Rate
Commensurate with Experience

Pay Basis
Monthly

Job Type
Full-Time

Work Schedule
M-F

Application Types Accepted
Main Form

Occupational Exposure to HIV/HBV?
No

Occupational Exposure to Hazardous Chemicals?
No

Occupational Exposure to Tuberculosis?
No

Security Sensitive?
Yes

Require a valid Texas Driver's License?
Yes

Require a certification?
Yes

If required, please list all certifications required for this position.
At least one of the following industry accepted security or IT control certifications:
* CISSP, CISM, CRISC, OR CISA


MINIMUM REQUIREMENTS

Official Job Title
Information Security Officer

Job Open Date
04-10-2017

Job Close Date
Open Until Filled

Job Category
Professions

PI97482553