
Job Information
Institute for Healthcare Improvement Dir Information Security (Fully Remote) in Not Listed, Massachusetts
Reporting to the Vice President of IT, the Director of Information Security will develop and implement information security strategy and technology solutions to address the current and emerging information security requirements of the organization. This role will require a visionary leader who understands the global information security & risk impacts, and has a sound understanding of cybersecurity technology tools, methods, and processes. This role requires a leader who works with business stakeholders, assesses needs, builds awareness, and develops informed strategy and direction for information security. This person will lead all security initiatives for the organization.

Position Responsibilities:
Responsibilities include but are not limited to the following:

Awareness and Governance
Develop and manage a targeted information security awareness training program for all employees, contractors, and approved system users, and establish metrics to measure the effectiveness of this security training program for the different audiences
Lead cross-functional Information Security Steering Committee, infusing information security governance procedures that foster resiliency, raise awareness, govern policy, and review cybersecurity related activities
Provide clear risk mitigating directives for projects with components in IT, including the mandatory application of controls
Foster a Security Awareness Champions program to spread the word and infuse security awareness behaviors, cybersecurity risks and policies
Perform annual risk assessment and business impact analysis
Assist in performing audits using industry standard security methods to help strengthen internal security controls, procedures, and policies
Investigate security incidents, develop remediation plans, and work with appropriate stakeholders to implement resolutions

Security Operations
Manage and provide additional security evaluations for existing or new vendors, partners, and systems
Leverage security tools and data sets to provide visibility into vendor security posture and risk
Work with IT and technology stakeholders to evolve new business continuity and disaster recovery plans
Support data protection and privacy initiatives in compliance with the data protection standards of both US and foreign
Align with internal compliance teams on policy updates in global data privacy standards
Work with MSSP to monitor and manage all IT security tools and platforms including Security management platforms, Anti-Malware/Ransomware, log management systems, and information security training systems
Work with IT department, MSP, legal and compliance teams to keep security policies updated, communicated, and enforced
Review existing security architecture, identify design gaps, and recommend security enhancements
Stay abreast of emerging security technologies and integrate them into security architecture as needed
Ensure alignment between security architecture frameworks, IT standards and overall business strategy
Achieve security architecture compliance on industry-specific requirements as well as state and federal regulations

Leadership
Lead, grow and manage the Information Security Program at IHI, with the responsibility to ensure that information assets and associated technology are all adequately protected
Partner with all business leaders while working closely with service desk, Infrastructure and Enterprise/Business Applications teams
Create a risk-based process for the assessment and mitigation of any information security risk in IHI's ecosystem consisting of faculty, vendors, consumers and any other third parties
Responsible for identifying, evaluating, and reporting on legal and regulatory, IT and cybersecurity risk while supporting and enabling business goals

Position Knowledge, Skills and Abilities:
Strong interpersonal skills