DUTIES: The Information Security Officer is responsible for the development and delivery of a comprehensive information security and privacy program. The Officer coordinates the development of Downstate Medical Center (DMC) information security polices, processes, standards and procedures and works with key IT managers, data custodians and governance groups in the development of such policies. The ISO is responsible for managing risks related to information security, business continuity planning, crisis management, privacy, and compliance. Responsibilities include the following: - Ensure all staff members are trained on SUNY DMC and governmental security requirements and promote cyber security awareness programs across the organization. - Ensure that DMC policies support compliance with external regulatory requirements. Manage the dissemination of policies, standards and procedures to the DMC community. - Work with the campus-designated FERPA, Records Access and HIPAA-privacy Officers on compliance issues as necessary. Prepare and submit required reports to external agencies. - Report any security breaches to all internal and external regulatory agencies and respond to third party inquiries. - Develop and implement an ongoing risk assessment program targeting information security and privacy matters; recommended methods for vulnerability detection and remediation, and conduct vulnerability testing. Including conduct and implementing required security measures to meet the ARRA meaningful use standard for the institution. - Develop plans to safeguard computer files and confidential information against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs. - Confer with users to discuss issues such as computer data access needs, security violations, and programming changes. - Monitor current reports of computer viruses to determine when to update virus protection systems. - Modify computer security files to incorporate new software, correct errors, or change individual access status. - Coordinate implementation of information security solutions and controls with both internal and external resources. - Protects system by defining access privileges, control structures, and resources. - Determines security violations and inefficiencies by conducting periodic audits. - Upgrades system by implementing and maintaining security controls. - Enforce SUNY DMC security guidelines and partake in implementation of business continuity and disaster recovery environment of all IT systems/applications. - Report information security performance against established security metrics, prepare management reports recapping and trending various categories of security issues and highlighting remediation activities. - Produce quarterly and year-to-date reports identifying threats and risks. (DUTIES AND RESPONSIBILITIES ARE NOT LIMITED TO THE ABOVE POSITION DESCRIPTION) QUALIFICATIONS: Core Requirements: - A Bachelor's or Master's Degree in Computer Science or related field of study. - Qualified candidate must possess a minimum of 3-5 years of information security experience, preferably in a healthcare environment. - Knowledge of national and international regulatory compliances and frameworks such as HIPAA, ISO, NIST, SOX, GDPR, and PCI DSS. - Excellent project management, written and oral communication skills desired. - Ability to work collaboratively with a broad range of constituencies is essential. - Strong problem solving and analytical skills. Additional Info: *Please ensure you include the 5-digit Line Number and Job Title in the subject line and body of your email submission.Closing Date: Open Until Filled STATE UNIVERSITY OF NEW YORK IS AN EQUAL OPPORTUNITY / AFFIRMATIVE ACTION EMPLOYER
Internal Number: 23840
About SUNY Downstate Medical Center
SUNY Downstate's College of Medicine, Health Related Professions, Nursing and its School of Graduate Studies offer students a broad professional education that will prepare them for practice or careers in any location and community. This education provides exceptional opportunities for those students with a commitment to promoting health in urban communities and addressing the complex challenges of investigating and preventing diseases that confront clinicians, educators, and researchers in such an environment. This special aspect of Downstate's unique mission is reflected in the students it attracts and selects, the vast majority of whom are drawn from the New York City Metropolitan area. Many of these students are members of minority and cultural groups underrepresented in the health professions, and/or come from families of first-generation immigrants or from economically disadvantaged backgrounds.