Healthcare IT Security Risk Manager

Job description

Job location: Miami, FL

Employment Type: Full-time
Posted data: 2020-11-18
Req: R100043115
Current Employees:If you are a current Staff, Faculty or Temporary employee at the University of Miami, please click here to log in to Workday to use the internal application process. To learn how to apply for a faculty or staff position using the Career worklet, please review this tip sheet.

Transforming Lives

The University of Miami is among the top research universities and academic medical centers in the nation, and one of the largest private employers in South Florida.

With more than 16,000 faculty and staff, the University strives for excellence, and is driven by a powerful mission to transform and impact the lives of its students, patients, members of the community, and people across the globe.

The University is committed to fostering a culture of belonging, where everyone feels valued and has the opportunity to add value. Through values of Diversity, Integrity, Responsibility, Excellence, Compassion, Creativity, and Teamwork (DIRECCT) the U community works together to create an environment driven by purpose, excellence, community, and service.


The Healthcare IT Security Risk Manager is responsible for identifying and managing IT Security Risks in University of Miami's Healthcare Operations. They're also the principle healthcare security incident response liaison for UMIT during IT security incidents. Risks must be documented and managed through a comprehensive risk register. These risks include confidentiality, integrity, availability and regulatory compliance.


  • Develop and maintain a comprehensive healthcare IT security risk register.
  • Rate risks using a defined and documented process to ascertain a probability, impact and combined score for each risk. The risk and impact analysis must take into consideration the special nature of healthcare operations.
  • Develop mitigation strategies for each identified risk and insure that these strategies are followed.
  • Act as the principle UHealth liaison for UMIT security incident response. This includes coordinating activities of all UHealth staff during the security incident and documenting incident response.
  • Participate in IT vendor evaluations to insure that business associates meet regulatory requirements related to security and that controls are in place that mitigate any identified risks.
  • Manage and facilitate UHealth IT security related audits.
  • Ensure compliance with Health IT regulations such as HIPAA.
  • Write policies and procedures related to UHealth IT security operations as directed.
  • Principal Editor of all UHealth IT Security related policies and procedures.
  • Support the UHealth privacy office with issues related to regulatory compliance related to confidentiality of UHealth's information assets and related investigations.


  • Bachelor's Degree in a related field or equivalent experience
  • 5+ years in Healthcare IT
  • 2+ years in IT security or risk management

Knowledge, Skills, and Abilities:

  • PMl or ScrumMaster certification required
  • Detailed understanding of HIPAA and HITECH and related regulations.
  • ISACA certification or (ISC)2 certification required
  • Familiarity with the NIST Cybersecurity Framework and the NIST SP800-53r4 and NIST SP800-171r2 standards is desired
  • An in depth understanding of common IT and Healthcare IT security risks and mitigation strategies.
  • Deep knowledge of SSAE 16 SOC-2 report is and how it applies to Health IT and Healthcare IT Business Associates.
  • Excellent written and verbal communication skills.
  • A comprehensive understanding of standard IT infrastructure and administration practices.
  • The ability to identify and quantify IT related risks and common mitigation strategies.
  • An excellent understanding of COBIT
  • Work independently with limited oversight

The University of Miami offers competitive salaries and a comprehensive benefits package including medical, dental, tuition remission and more.

UHealth-University of Miami Health System, South Florida's only university-based health system, provides leading-edge patient care powered by the ground breaking research and medical education at the Miller School of Medicine. As an academic medical center, we are proud to serve South Florida, Latin America and the Caribbean. Our physicians represent more than 100 specialties and sub-specialties, and have more than one million patient encounters each year. Our tradition of excellence has earned worldwide recognition for outstanding teaching, research and patient care. We're the challenge you've been looking for.

Patient safety is a top priority. As a result, during the Influenza ("the flu") season (September through April), the University Of Miami Miller School Of Medicine requires all employees who provide ongoing services to patients, work in a location (all Hospitals and clinics) where patient care is provided, or work in patient care or clinical care areas, to have an annual influenza vaccination. Failure to meet this requirement will result in rescinding or termination of employment.

The University of Miami is an Equal Opportunity Employer - Females/Minorities/Protected Veterans/Individuals with Disabilities are encouraged to apply. Applicants and employees are protected from discrimination based on certain categories protected by Federal law. Click here for additional information.

Job Status:

Full time

Employee Type:


Pay Grade:





Diversity Profile: University



View more

Learn more on Inside Higher Ed's College Page for University

Arrow pointing right
Job No:
Posted: 11/20/2020
Application Due: 2/18/2021
Work Type: