Mgr Info Security Office

Novant Health - Fort Mill, SC (30+ days ago)3.7


Location: Indian Land, SC

Job Summary:
Under direction of the ISO, the Manager of the Information Security Office is responsible for overseeing and managing a comprehensive cybersecurity program in order to manage organizational risk to acceptable levels. The team member is responsible for managing the daily operations of the Information Security Office, hiring, training, and evaluating personnel, and ensuring that all work is completed in an accurate and timely manner. The team member demonstrates effective leadership, consultation, relationship building, communication, decision making and accountability.

The following qualifications are the minimum necessary to adequately perform this job. However, an approved equivalent combination of experience, education and training which provides the necessary knowledge, skills and abilities could be acceptable, subject to any licensure/certification/legal and/or regulatory requirements.

Qualifications:
Education: Bachelor's degree required. Master’s degree preferred. Minimum of four year degree, military equivalence or a combination of education and hands on work experience equivalence required.
Experience: Minimum of seven or more years of proven information security experience. Minimum of seven or more years of IT related experience. Minimum of seven or more years of customer service experience required. Experience working on a complex healthcare environment. Experience in carrying out leadership and management principles required.
Licensure/certification/registration: Security+ or equivalent, CISSP or equivalent required. ITIL Foundation, Professional Technology Certification required. MCITP:EA/SA, MCSE, MCSA, Network+) preferred.
Additional skills required: Current and future trends/practice in area of responsibility; regulatory and governing standards, policies and procedures; information systems and software used in area of responsibility; equipment used in performing assigned duties; application of safety and infection control policies and procedures; skills in interviewing and selection process; understanding of budgeting, staffing, payroll and purchasing processes; implementation of competency, feedback, development and progressive discipline processes; teambuilding; conflict management, and interpersonal relationship skills; principles of adult learning and teaching methods/models; decision making, project leadership and consultation; delegation and communication skills; understanding of customer needs and expectations and knowledge for improvement to exceed customer expectations. Ability to consistently apply critical thinking to all planning. Ability to formulate effective approaches to create necessary and sustainable change. Functional Knowledge of HIPAA, ISO 27001/27002 framework, NIST 800-53, PCI-DSS, and COBIT. Windows, MS Active Directory, Linux/Unix, Firewalls, SQL DBs, Routing, logging and monitoring, authentication systems, wireless, IDS/IPS, proxy technologies, remote access solutions (VPN, SSL, IPSEC) with two factor authentication, network security monitoring, traffic analysis, data loss prevention, forensic and eDiscovery tools, etc. Intermediate to advanced knowledge of MS Office products and SharePoint. Experience evaluating network penetration test results and application security assessments and vulnerability reports.