---------------------------------------------------
SECURITYFOCUS JOBS - NEW OPPORTUNITY
---------------------------------------------------
JOB DESCRIPTION
---------------------------------------------------
Position: Director, Information Security
Location: Philadelphia, Pennsylvania, United States
Type: Permanent P/T
Closing Date: 2007-11-23
POSITION SUMMARY
The company desires to create a new role, Director of IS Risk Management. This
position will report directly to the Chief Information Security Officer/Health
System Director of Applications and Information Security and will have
strategic and operational responsibility for the information security program
across the organization. The key responsibilities for this position include:
1. Lead the transformation of Information Security and Business
Continuity program into an integrated Information Services Risk Management
program, including information security; business continuity; regulatory,
organizational policy, federal contract, and GAAP compliance; and quality
management.
2. Lead further development and implementation of a comprehensive
information security strategy. A strategy exists today, but it must be updated
to deal with emerging technology threats and vulnerabilities and the expanding
role of technology in clinical, research, and administrative operations. As
technology and organizational capabilities improve, the security program must
be expanded across the enterprise.
3. Manage the information security policies and procedures. This executive
will make and implement recommendations on appropriate personnel, physical and
technical security controls, and manage an incident reporting program to
minimize security risks and to correct security breaches.
4. Manage a portfolio of IS Risk Management projects identified in the
current enterprise operating plan and develop future projects to be included in
future plans.
5. Oversee IS quality management program including change control,
downtime root cause analysis, and other program components designed to maintain
standards for information confidentiality, availability, and integrity
commensurate with a world class health care network.
6. Engage with departments across the system, acting as a consultant on
information and data security issues. Educate users across the system to make
them more aware of information security issues.
JOB REQUIREMENTS
---------------------------------------------------
CANDIDATE SPECIFICATION
IDEAL CANDIDATE PROFILE
The following describes the desired credentials, skills, and personality
characteristics of the ideal candidate (not in priority order):
• A bachelor’s degree in computer science, business, or other
relevant subject or a bachelor’s degree in the clinical field with
significant information technology experience is required; an advanced degree
such as an MBA is highly desirable. Candidates without healthcare experience
will also be considered.
• Relevant certifications (CISSP, CISA) are highly desired, but
candidates lacking these credentials will be considered.
• A minimum of five years successful experience in a healthcare IT
managerial position with at least 10 years of total experience; alternatively,
significant relevant consulting experience focused on hospital information
technology will be strongly considered. Must have supervised technical staff
in the performance of his/her duties.
• A technical background centered on application development or
architecture; a pure infrastructure background is not as compelling.
• Expertise in preparing information services strategic plans with the
full participation of all user communities.
• A natural leadership style and demeanor that results in the development
and progression of staff; a reputation for leading by example and ability to
recruit and retain excellent staff.
• Strong written and verbal communication skills. This individual will
need to communicate complex technical issues to non-technical audiences, and be
able to influence and persuade those audiences.
• Possesses a style which is both creative and results-oriented. Enjoys
the challenge of managing multiple projects, multiple customers and
constituents that require attention. Must be able to handle stressful
situations, work in a fast-paced, demanding technology environment, and yet
remain calm in crisis.
• Works easily with a wide variety of interpersonal styles and is
open-minded on alternative means of getting needed business results.
• Has a track record of being a collaborative, process change leader, and
a master communicator.
CONTACT
---------------------------------------------------
If qualified, please contact Jennifer Spadavecchia: jennifer@altaassociates.com
Confidential
Jennifer Spadavecchia
Senior Recruiter
jennifer@altaassociates.com
---------------------------------------------------
SECURITYFOCUS JOBS
---------------------------------------------------
SecurityFocus now offers an online interface for
searching and managing job opportunities and resumes.
http://www.securityfocus.com/jobs
