Join our team at Mosaic as the Manager of Information Security. In this role you will play a critical part in protecting sensitive company data and systems, with a focus on compliance with the HIPAA Security Rule and the NIST Cybersecurity Framework (CSF). If you are a seasoned information security professional with a passion for healthcare and a commitment to excellence, we invite you to apply for this key leadership position! Local Omaha Metro candidates are highly preferred!
Essential Job Functions:
- Develop, implement, and maintain a comprehensive information security program aligned with the HIPAA Security Rule, NIST CSF, and industry best practices.
- Conduct regular security assessments and risk analysis to identify vulnerabilities and mitigate potential threats specific to HIPAA compliance and NIST CSF controls.
- Implement and manage security controls, such as firewalls, intrusion detection/prevention systems, and data encryption, ensuring compliance with HIPAA and NIST CSF requirements.
- Develop and deliver security awareness training and education programs for employees, emphasizing HIPAA and NIST CSF best practices.
- Respond to security incidents and breaches in a timely and effective manner, adhering to HIPAA incident response requirements.
- Identify IT security program implications of new technologies or technology upgrades.
- Ensure that cybersecurity requirements are integrated into the continuity planning for systems and/or the organization.
- Stay up-to-date on the latest security threats, industry regulations, and NIST CSF updates, implementing preventative measures.
- Collaborate with other departments, business units, and healthcare stakeholders to ensure security is integrated into all aspects of operations and HIPAA compliance.
- Manage and maintain security budgets and resources, aligning them with HIPAA and NIST CSF requirements.
- Communicate the value of IT security throughout all levels of the organization and stakeholders.
- Prepare and present security reports to management, highlighting HIPAA compliance and NIST CSF adherence.
Education & Experience:
- Bachelor's degree in Information Security, Computer Science, or related field (Master's degree preferred).
- Minimum of 5 years of experience in information security, preferably in a healthcare setting.
- Certified Information Systems Security Professional (CISSP) or equivalent certification.
Knowledge, Skills & Abilities:
- Experience with cloud security technologies
- Experience with security governance, risk, and compliance (GRC) frameworks.
- Programming experience (e.g., Python, Bash).
- Ability to work independently and as part of a team.
- Strong understanding of the HIPAA Security Rule, NIST CSF, and other relevant healthcare regulations.
- Experience with security risk management, incident response, and vulnerability assessment tools.
- Strong analytical, interpersonal, and communication skills
- Strong critical thinking, problem-solving and troubleshooting skills
- Detail-oriented
- Ability to identify and mitigate network vulnerabilities
- Knowledge of firewalls, antivirus, and IDPS concepts