Michigan IT Jobs

Mobile michigan-jobbank Logo

Job Information

Beaumont Health System IT Security Professional Sr in Southfield, Michigan

Job Title: Information Security Professional, Sr.General Summary: The Information Security Professional Sr. will conduct information security / technology risk assessments and vendor risk assessments to minimize risk to the organization. This also includes evaluating and taking action on Service Requests and Policy Exceptions. The position will accomplish this by ensuring that new technologies implemented are properly built, fit within the overall Beaumont Health (BH) environment, and are properly secured; that Service Requests are acceptable within the Beaumont Health environment; and that Policy Exceptions are granted only when appropriate. Third parties will be reviewed to evaluate whether they have an acceptable information security environment, including a compliance management program to ensure that Beaumont Health PHI, PII, and/or PCI is appropriately protected. The role will include assisting with other areas to support the ongoing security program and to increase its effectiveness. This position reports to the Manager of Information Security Governance.Essential Duties:and#8226;Perform risk assessments primarily as part of the BH Non-Standard Technology Request (NSTR) process.and#8226;Perform Vendor Risk Management assessments.and#8226;Perform reviews of Service Requests, and Policy Exceptions, and take appropriate actions.and#8226;Apply a risk-based enterprise approach and thought leadership while evaluating technology and information security solutions.and#8226;Evaluate requests and assessments with respect to meeting Governance, Risk and Compliance requirementsand#8226;Work closely with IT Infrastructure, application teams, and other functional teams to ensure appropriate security solutions are in place for requested IT systems, devices, and technologies to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements.and#8226;During reviews and assessments, analyze business impact and exposure based on the current status and future state, emerging security threats, vulnerabilities, risks and controls.and#8226;Assist project teams to comply with enterprise and IT security policies, regulations, and best practices.and#8226;Represent Information Security through attending project kick-off meetings and status calls with key stakeholders and vendors.and#8226;Review contracts and agreements in conjunction with Legal Affairs.and#8226;Work with business and technical subject matter experts in IT, Compliance, Privacy, Legal, and other areas to enable a more thorough and complete assessment.and#8226;Participate in and support reporting efforts for communicating team activities.and#8226;Acquire and constantly increase knowledge in information security, infrastructure areas, the Beaumont Health environment, privacy and compliance.and#8226;Assist in creating, documenting and formalizing policies and procedures.Standard Qualificationsand#8226;Bachelor's degree or equivalent work experienceand#8226;Experience with HIPAA, HITRUST, NIST preferred.and#8226;Experience with information security policy and processes in a large company (5000+ employees) required, healthcare and/or financial services experience preferred.and#8226;Results oriented with a track record of self-directing and successful multi-tasking.and#8226;Experienced in technology and knowledgeable of vendor risk management, controls and compliance.and#8226;Pro-active thought leader and possess the ability to establish, maintain and influence effective working relationships with colleagues, internal customers, and third-parties.and#8226;Technical experience or knowledge in multiple information technologies including, but not limited to medical devices, applications, software, hardware, networks, network security, storage, operating systems, and end user computing.and#8226;Knowledgeable of third party vendor risk assessments - risk identification, risk assessment, risk rating and risk mitigation.and#8226;Experience with IT compliance