Director of IT Cyber Security
Mount Sinai Medical Center•Miami Beach, FL
4d
About The Position
Provides strategic leadership for enterprise-wide cybersecurity and HIPAA compliance within a hospital environment. Oversees security governance, risk management, and incident response while partnering with executive leadership, compliance, audit, and clinical stakeholders to protect patient data, systems, and infrastructure. Develops and enforces security policies, conducts risk and vulnerability assessments, leads breach response, and drives security awareness to ensure a resilient, compliant, and secure healthcare organization.
Requirements
- Relevant certifications such as CISSP desired.
- Bachelor's Degree in related discipline, Master's Degree preferred.
- 8 years of IT Security experience desired.
Responsibilities
- Establish and maintain close working relationship with Privacy officer, compliance officer, internal audit, external audit, and other related constituencies.
- Serve as chair of hospital-wide security committee and participate in Board-level audit and compliance committees as required.
- Serve as HIPAA Security Officer and ensure all aspects of HIPAA compliance are maintained.
- Develop and maintain an IT Security Program that addresses the needs for assessment, prevention, detection, and response to security matters.
- Establish a policy program and ensure all IT and Security policies are up-to-date, accurate, and communicated/trained throughout the organization.
- Implement Risk Assessment and Management policies
- Perform regular and complete risk and vulnerability scans, and provide detailed action plans to remediate risks.
- Develop and publish a Security Scorecard that measures the security risks and associated KPIs.
- Implement policies and procedures related to user access, including role-based access profiles, user provisioning/de-provisioning processes, SSO, and regular user access audits.
- Lead IT incident investigations, working with internal and external groups, including forensics, eDiscovery, etc.
- Lead breach reporting and remediation plans when necessary.
- Establish security standards as it relates to network, server, workstations, end user devices, OS, etc. and ensure contracts include standard language for all new systems to define security configurations.
- Manage and perform assessments for all new system implementations prior to go-live.
- Develop a comprehensive security awareness training program, including materials, new hire orientation presentation, Leadership materials, Board briefings, and housing content on a security awareness intranet site.
- Serve as point of contact for vendors and service providers regarding IT Security matters.
- Other duties as assigned.
Benefits
- Health benefits
- Life insurance
- Long-term disability coverage
- Healthcare spending accounts
- Retirement plan
- Paid time off
- Pet Insurance
- Tuition reimbursement
- Employee assistance program
- Wellness program
- On-site housing for select positions and more!
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Upload and Match Resume
What This Job Offers
Job Type
Full-time
Career Level
Director
Number of Employees
501-1,000 employees
