Manager Security Risk Assessment Jobs in Nevada (NOW HIRING)

Company Description

In a professional, multidisciplinary environment, while maintaining a broad knowledge of state-of-the-art technology, equipment and systems the Privacy and Security Officer is responsible for the administration of the information security program and maintaining the confidentiality, integrity and availability of data within the organization's information systems for the Health Information Exchange. The Privacy and Security Officer has oversight of the risk assessment process, development of policies, standards, and procedures, testing, and security reporting processes. The Privacy and Security Officer oversees the computer systems infrastructure to safeguard protected health information (PHI) and business information assets following HIPAA guidelines. The Privacy and Security Officer provides periodic updates to the board or senior management. The Privacy and Security Officer Role is supported through HealthInsight's Privacy and Security Management Program.

Job Description

Responsible for implementing, managing and enforcing information security derivatives within regulatory mandates to protect PHI including, the Health Insurance Portability and Accountability Act, the American Recovery and Reinvestment Act provisions
Ensures the ongoing integration of information security with business strategies and privacy requirements
Works closely with operational and support units for ongoing optimal application of technology functionality to protect PHI, including the identity management program
Leads information security awareness and training initiatives to educate workforce about policies, procedures and information risks; coordinates with state-based information systems security officers
Conducts risk analyses to assess the probability of risks occurring and the impact on the organization
Creates an information security risk mitigation plan based on sound risk analysis
Performs ongoing security audits to assess effectiveness of policies/procedures and systems security safeguards
Works with contractual and other activities with vendors, outside consultants, business associates, and other third parties to improve information security practices
Leads the security incident response team in prevention, investigation, mitigation, and reporting activities; ensures appropriate enforcement sanctions for information security breaches
Responsible for budget related activities for the security program
Manages complaint and incident preventative and investigative programs related to security policies
Carries out periodic security risk assessments in conjunction with privacy requirements
Manages the security audit program; coordinates action plans for applicable departments to make improvements, when necessary
Documents and maintains risk analysis and remediation actions taken by the organization to reduce information security risks
Manages retention of performance improvement activity documentation for security functions and compliance responsibilities
Recommends system enhancements via capital and operational budget planning to keep pace with privacy and security and technology advances
Coordinates security survey regulatory activities and participates in accreditation surveys with external survey bodies
Participates in HealtHIE Nevada's internal quality improvement activities as appropriate
May delegate certain duties to appropriate individuals

Qualifications

Bachelor's degree in information systems, computer sciences, health information management or related field, plus two years of experience in health care including public health, or other health care-related profession; or a Master's degree in health care-related field plus one year of experience in health care including health informatics, public health, or other health care-related profession; or a relevant combination of education and experience
Health Information Technology and/or information technology experience desirable but not required
Certified Information System Security Professional (CISSP), Certified Information Systems Manager (CISM), Certified in Healthcare Privacy and Security (CHPS) or other related security certifications preferred
Availability to travel as necessary

Additional Information

Two years of experience and skill in word processing, basic spreadsheet and presentation software applications; familiarity with database software programs (Microsoft Office).
Excellent oral and written communications skills.
Excellent interpersonal and problem-solving skills.
Ability to organize and coordinate multiple simultaneous tasks in a team environment.
Knowledge of health care and clinical information system related standards
Knowledge of information security standards, rules and regulations related to information security and data confidentiality (e.g. HIPAA, FISMA, NIST, etc.)
Knowledge of risk assessment and management methodology and principles for risk identification, analysis, and mitigation