Job Information
Medical Center Hospital Chief Cybersecurity Information Officer Odessa, Texas
Position Summary:
The Chief Cybersecurity Information Officer (CCSIO) is responsible for overseeing the cybersecurity operations of the Medical Center Hospital System. The role incorporates strategic planning, policy development, and developing and enforcing computer security policies. Responsibilities include developing, implementing, and managing the processes and systems for monitoring and maintaining a secure and accessible computing environment. CCSIO is responsible for monitoring computer systems for violations and mis-use; responsible for appropriate documentation for audit control purposes. Responsible for computer disaster recovery and business continuity processes while staying abreast of the latest trends in cybersecurity.
Qualifications:
A. Education:High school graduate/GED required. Bachelor’s degree required; Master’s degree preferred.
B. Licensure/Certification/Registration
Must obtain the Certified Information Systems Security Professional(CISSP) within 10 months from date of hire.
C. Job Knowledge:
At least ten years of experience in information security roles (such as Network Administrator, Incident Responder, Security Analyst). CCSIO must have background knowledge in HIPPA, FERPA, and PCI DSS. At least six years of active management experience. Should possess a high degree of confidentiality and tact; exhibit excellent customer service skills; know and understand hospital, departmental and emergency policies and procedures. Must be able to communicate with peers, subordinates, and upper management in an effective and courteous manner. B. Training and Experience: (preferred)Extensive experience in enterprise security architecture design.
Extensive experience in enterprise security document creation.
Experience in designing and delivering employee security awareness training.
Experience in developing business continuity plans and disaster recovery plans.
Experience in computer incident response procedures.
Experience in enterprise information security operations.
Up-to-date knowledge of methodologies and trends in Business and IT.
Working technical knowledge of vulnerability scanning software.
Working technical knowledge of computer security auditing products.
Working technical knowledge of computer security event management systems and procedures.
Working technical knowledge of network security auditing software and devices.
Working technical knowledge of computer forensic investigation software and devices.
Strong understanding of IP, TCP/IP, and other network protocols.
Strong understanding of Microsoft Windows desktop and server operating systems and Linux/UNIX operation systems.
Familiarity with structured data, database architecture and database security auditing software and techniques.
Unusual Physical Demands and Working Conditions:
Prolonged periods of time spent sitting.
Lengthy periods of time using computer.
Extended periods of typing.
Must be able to lift up to twenty pounds.
Possible long working hours during system outages.
Possibility of on-call availability.
High pressure situations possible.