Chief Information Security Officer
Job location: Miami, FL
Employment Type: Full-time
Posted data: 2020-11-30
Current Employees:If you are a current Staff, Faculty or Temporary employee at the University of Miami, please click here to log in to Workday to use the internal application process. To learn how to apply for a faculty or staff position using the Career worklet, please review this tip sheet.Transforming LivesThe University of Miami is among the top research universities and academic medical centers in the nation, and one of the largest private employers in South Florida.With more than 16,000 faculty and staff, the University strives for excellence, and is driven by a powerful mission to transform and impact the lives of its students, patients, members of the community, and people across the globe.The University is committed to fostering a culture of belonging, where everyone feels valued and has the opportunity to add value. Through values of Diversity, Integrity, Responsibility, Excellence, Compassion, Creativity, and Teamwork (DIRECCT) the U community works together to create an environment driven by purpose, excellence, community, and service.
The UHealth CISO reports to the UHealth CIO and Establishes information technology (IT) security strategy and oversees the protection of the UHealth IT assets. The CISO is an advocate for UHealth's total information security needs and is responsible for a comprehensive information security strategy to optimize the cyber security posture of UHealth, protecting UHealth’s IT assets from security threats, cyber-attacks, and data loss. The scope of responsibility encompasses electronic communications, software applications, and supporting infrastructure.
The CISO oversees a wide-ranging collection of internal IT security experts, identity management resources, and service providers. The principle IT and information security service provider for UHealth is the University of Miami’s Information Technology (UMIT) team. The complexity of this position requires a leadership approach that is engaging, imaginative, and collaborative, with a sophisticated ability to work with other leaders to set the best balance between security strategies and other priorities.
- Provide guidance and counsel to the CIO and key members of the UHealth leadership team, working closely with senior administration, leaders, and the medical campus community in defining objectives for information security, while building relationships and goodwill.
- Stay abreast of information security issues and regulatory changes affecting healthcare delivery at the state and national level, participate in policy and practice discussions, and communicate on a regular basis about those topics.
- Lead efforts to internally assess, evaluate and make recommendations to management regarding the adequacy of the security controls for the UHealth’s information and technology systems
- Work closely with the Chief Privacy & Data Integrity Officer to provide technical assistance and review for operations, investigations, and organizational education related to information security.
- Work with auditors and consultants, as appropriate, on required security assessments and audits.
- Direct and approve the design and operation of information technology security infrastructure;
- Review and approve security policies, controls and cyber incident response planning;
- Oversee UHealth identity governance and access management
- Review investigations after breaches or incidents, including impact analysis and recommendations for avoiding similar vulnerabilities
- Maintain a current understanding of the IT threat landscape for the industry
- Ensure compliance with the changing laws and applicable regulations
- Identification of risks and actionable plans to protect the UHealth’s information technology assets
- Performing IT security risk assessments and reporting on ways to minimize threats
- Monitoring security vulnerabilities and hacking threats in network and host systems
- Make sure that cyber security policies and procedures are communicated to all personnel and that compliance is enforced
- Manage all teams, employees, service providers, contractors and vendors involved in IT security.
- Provide training and mentoring to security team members
- Constantly update the cyber security strategy to leverage new technology and cyber threat information
- Ensure that disaster recovery and business continuity plans are in place and tested
- Brief the executive team on status and risks, including taking the role of champion for the overall strategy
- Communicate best practices and risks related to cyber security to all parts of UHealth
- Provide leadership, direction and guidance in assessing and evaluating information security risks and monitor compliance with security standards and appropriate policies.
- Reports directly to the CIO of the Health System
Able to work independently providing concise status reports as necessary, supervises team members working with/on Clinical Applications within the Clinical Information Management Systems used within the University and the Health System.
Minimum Qualifications, Professional Skills and Traits (Essential Requirements):
- Demonstrated knowledge and understanding of IT security practices and how they apply to healthcare delivery operations
- In depth understanding of HIPAA and other related healthcare laws and regulations
- Demonstrated knowledge and understanding of healthcare delivery clinical and business processes
- Detailed understanding of common of healthcare software and related security vulnerabilities
- In depth understanding of computer network technology and network operations
- Comprehensive knowledge of cyber threats and attacks experienced by healthcare delivery organizations
- In depth knowledge of a wide variety of medical devices and how they leverage information technology to meet clinical objectives
- Ability to understand and explain complex technical processes and security issues to others
- Ability to supervise staff of professional, technical and clerical subordinates in a manner conducive to full performance and high morale.
- Ability to express ideas and information, clearly, concisely, verbally and writing.
- Ability to establish and maintain effective working relationship with subordinates, superiors, and officials of other departments.
- Ability to exercise judgment and discretion in devising, installing and interpreting rules, regulations, policies or procedures.
- In depth knowledge of IT program databases, technical support and help desk operations.
The University of Miami offers competitive salaries and a comprehensive benefits package including medical, dental, tuition remission and more.
UHealth-University of Miami Health System, South Florida's only university-based health system, provides leading-edge patient care powered by the ground breaking research and medical education at the Miller School of Medicine. As an academic medical center, we are proud to serve South Florida, Latin America and the Caribbean. Our physicians represent more than 100 specialties and sub-specialties, and have more than one million patient encounters each year. Our tradition of excellence has earned worldwide recognition for outstanding teaching, research and patient care. We're the challenge you've been looking for.
Patient safety is a top priority. As a result, during the Influenza ("the flu") season (September through April), the University Of Miami Miller School Of Medicine requires all employees who provide ongoing services to patients, work in a location (all Hospitals and clinics) where patient care is provided, or work in patient care or clinical care areas, to have an annual influenza vaccination. Failure to meet this requirement will result in rescinding or termination of employment.
The University of Miami is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities are encouraged to apply. Applicants and employees are protected from discrimination based on certain categories protected by Federal law. Click here for additional information.Job Status:Full timeEmployee Type:StaffPay Grade:i110