Associate Director of IT Cybersecurity

23 Jul 2024

Vacancy expired!

Primary City/State: Phoenix, Arizona
Department Name: IT Cybersecurity GRC-Corp
Work Shift: Day
Job Category: Information Technology
Primary Location Salary Range: $49.14/hr - $81.90/hr, based on education & experience

In accordance with Colorado’s EPEWA Equal Pay Transparency Rules.

Help lead health care IT into the future. Our Information Technology professionals play a key role in excellent patient care. If you like the idea of making a positive change in people’s lives – apply today.

Banner Health Cybersecurity GRC is currently seeking an Associate Director to lead a team responsible for core GRC functions supporting IT and Cybersecurity overall. This role will oversee the performance of the annual HIPAA Security and Privacy assessment. The person in this role will also ensure the team effectively monitors and tracks management action plans originating from internal and external IT audits. Other responsibilities include day-to-day management of the GRC team, helping to develop and drive GRC projects, strategic initiatives, budget, and establishing team goals. In this role, you will engage IT, senior leaders, in order to ensure that IT risks are properly managed and that issues are mitigated in a timely manner.

The typical schedule for this role is Monday through Friday with limited schedule flexibility. This is a remote position that can be based in the states in which Banner Health operates. An ideal candidate will possess a bachelor’s degree with 7+ years of related GRC experience, hold an applicable certification (CISA, CISSP, CRISC, etc.), and have previous staff management experience, time management skills, multitasking abilities, and strong communication skills.

Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs, or Public Relations, you'll find many options for contributing to our award-winning patient care.

POSITION SUMMARY

This position is responsible for planning, organizing and day-to-day management of cybersecurity GRC projects and professionals. Incumbent participates in the development and implementation of cybersecurity strategies to achieve desired outcomes. Responsibilities also include participation in the management of the cybersecurity financial plans, budgets, performance, and other operational activities for Banner Health’s Cybersecurity organization. This position is responsible for the operational oversight of a functional team, including direct HR management responsibilities, within Banner Health. The Incumbent is expected to work with management across diverse areas and multiple states to effectively and efficiently operate the Cybersecurity Department and partner with other parts of Banner’s organization.

CORE FUNCTIONS

Develops, maintains, and enforces a Cybersecurity framework (e.g. NIST) that the IT and Cybersecurity teams should follow and adhere to in a consistent manner.

Develops, operationalizes, and manages Cybersecurity risk assessments and validation assessments performed by the GRC team.

Reviews legal, regulatory, and contractual Cybersecurity compliance requirements; develops a strategy for addressing requirements and provides periodic statements on Cybersecurity compliance status.

Identifies, tracks, monitors, helps drive resolution, and/or escalates IT and Cybersecurity audit, non-audit, compliance, and other issues, observations, or similar that need to be remediated.

Helps develop GRC metrics, Key Performance Indicators (KPI), Key Risk Indicators (KRI), and similar to report to the Chief Information Officer (CIO) and the Chief Information Security Officer (CISO).

Builds and retains the GRC team with appropriate experience and expertise. Demonstrates and embeds the behaviors and competencies that create a risk management mindset in the organization.

Performs all functions according to established policies, procedures, regulatory and accreditation requirements, as well as applicable professional standards. Provides all customers of Banner Health with an excellent service experience by consistently demonstrating our core and leader behaviors each and every day.

NOTE: The core functions are intended to describe the general content of and requirements of this position and are not intended to be an exhaustive statement of duties. Specific tasks or responsibilities will be documented as outlined by the incumbent's immediate manager.

SUPERVISORY RESPONSIBILITIES

DIRECTLY REPORTING

Includes direct supervision of department leaders and/or professional and administrative staff.

TYPE OF SUPERVISORY RESPONSIBILITIES

This position has full managerial scope and authority for employment actions, including coaching, candidate selection, training and development, performance appraisals, work assignments, and disciplinary action.

Banner Health Leadership will strive to uphold the mission, values, and purpose of the organization. They will serve as role models for staff and act in a people-centered, service excellence-focused, and results-oriented manner.

PHYSICAL DEMANDS/ENVIRONMENTAL FACTORS

OE - Typical Office Environment: (Accountant, Administrative Assistant, Consultant, Program Manager)

Requires extensive sitting with periodic standing and walking.

May be required to lift up to 20 pounds.

Requires significant use of a personal computer, phone, and general office equipment.

Needs adequate visual acuity, and ability to grasp and handle objects.

Needs the ability to communicate effectively through reading, writing, and speaking in person or on the telephone.

May require off-site travel.

Not a safety-sensitive position.

MINIMUM QUALIFICATIONS

Must possess strong knowledge of business, cybersecurity, information technology and/or computer science as normally obtained through the completion of a bachelor's degree.

Certification may be required in at least one of the following areas within one year of entering the position. Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Systems Security Certified Practitioner (SSCP), Payment Card Industry - Internal Security Assessor (PCI-ISA), Certified in Risk and Information Systems Control (CRISC), HealthCare Information Security & Privacy Practitioner (HCISSP), CompTIA Security+ or other certification designated by the Information Security Leader.

Must also possess seven plus years of experience, three of which with supervisory experience, in a healthcare or related environment or an equivalent combination of relevant education, technical, business and healthcare experience. Must demonstrate expertise in information technology and healthcare. Needs experience in medium to large-scale project planning and reporting either individually or in a team. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate and interact across facilities and at various levels. Ability to balance project workloads with customer support and on-call demands. As is typical in this industry, variable shifts and hours and carrying/responding to a pager may be required.

Demonstrate proficiency with the Microsoft Suite of products and other tools depending on position requirements.

PREFERRED QUALIFICATIONS

An advanced degree may substitute for work experience.

Additional related education and/or experience preferred.

EOE/Female/Minority/Disability/Veterans

Banner Health supports a drug-free work environment.

Banner Health complies with applicable federal and state laws and does not discriminate based on race, color, national origin, religion, sex, sexual orientation, gender identity or expression, age, or disability.

Full-time
  • ID: #44329742
  • State: Idaho Boise 83701 Boise USA
  • City: Boise
  • Salary: USD TBD TBD
  • Showed: 2022-07-23
  • Deadline: 2022-09-22
  • Category: Et cetera