|
|||||
<
/td>
|
Job Description: Position Title: Sr. Information Security DirectorLocation: Towson, MD Status: Green Card Or US Citizen Clearance: None Responsible for the policy, implementation, and oversight of the Health Solutions Sector Information Systems Security (ISS) program. 1. Participates with the Vice President, Operations in leading the Health Solutions Sector in a visionary, collaborative, and stake-holder-focused manner to leverage IT resources in order to improve the security of information systems. 2. Directs the development and implementation of the Information Systems Security program for the Health Solutions Sector. 3. Proposes IT policies, standards, and procedures related to information systems security. 4. Advises senior management on major ISS decisions. 5. Directs all phases of planning and accomplishment of the information systems security functions and activities of the Health Solutions Sector and recommends final decisions on most highly controversial policy matters. 6. Responsible for implementing and advancing a risk-based approach to information security that provides the proper balance between protection and business results. 7. Supervises assigned staff, including subordinate manager(s). Responsible for managing matrixed Information Security organization and ensuring projects have appropriate information security staff assigned. 8. Responsible for the development of the ISS budget, determines allocation of resources and funding against stakeholder needs across the Health Solutions Sector user base and ensures that the execution of the budget is completed in accordance with ISS program goals and objectives. 9. Directs the assessment of information systems to ensure that appropriate security functions have been included in the systems design and architecture. Establishes, monitors and evaluates the performance of information systems in support of information systems security program accomplishments based on appropriate measures. 10. Audits Health Solutions Sector compliance with executive, legislative and company mandates affecting information systems security and periodically benchmarks company IT performance against industry costs and trends. 11. Responsible for the efficient management and safeguarding of resources and assures internal controls meet company standards. 12. Maintains current knowledge of relevant technology as assigned. Knowledge of virtualized and cloud computing environments required. 13. Supports business development, capture and proposal efforts from a security architecture perspective as assigned. 14. Participates in special projects as required. Education: 1. Bachelor's Degree in Computer Science or a related technical discipline. 2. Master's Degree preferred. 3. 15 or more years of related experience in data security administration including at least 10 years of proven experience managing complex information security projects. 4. Certified Information Systems Security Professional (CISSP) desirable. 5. Project Management Professional (PMP) certification highly desirable. 6. Health IT experience highly desirable. 7. Experience supporting Department of Defense (DOD), Department of Veterans Affairs (VA) and/or Centers for Medicare and Medicaid Services (CMS) is highly desirable. Experience: 12-15 years of related experience in data security administration, including at least 5 years of successful mid to large ($1M) program management, with proven experience managing complex information security projects. 1. Strong relationship, management, communication and presentation skills. 2. Ability to strike the right balance between risk and business agility. 3. Ability to work easily with multiple internal and external partners, build consensus to implement, drive to reach closure and manage expectations about delivery. 4. Business acumen: Knows how business works; is knowledgeable about current and future policies, practices, trends, technology and information relating to ISS and across government and industry. 5. Strong working knowledge of regulatory and statutory security requirements such as HIPAA, NIST, FISMA, DIACAP, ISO 27001+
An Equal Opportunity Employer M/F/D/V |
||||||||||||||
|
||||||||||||||
|
