Apply on Employer Site

Community Health Systems · 1 week ago

Cybersecurity Specialist - Business Advisor

United States

Full-time

Remote

Senior Level, Lead/Staff

8+ years exp

Community Health Systems is seeking a Cybersecurity Specialist - Business Advisor who will act as a trusted security advisor and the primary interface between Cyber Security Risk Management and the organization's business and clinical operations. This role involves translating complex security requirements into actionable guidance and advocating for the business value of security while ensuring the confidentiality, integrity, and availability of sensitive information.

Health CareHospital

Responsibilities

Serves as a technical expert in one or more aspects of information risk for a business segment or function to ensure the confidentiality, integrity, and availability of sensitive information

Consults on complex information risk management projects. Serves as an expert in the planning, engineering, development, implementation and administration of technology solutions through the use of controls, procedures, measurements and strategies to prevent unauthorized access, modification, disclosure, misuse, manipulation, or destruction of systems, networks, applications and data

Provides technical consulting efforts towards the development and implementation of information risk strategies in alignment with their respective business unit and IT initiatives. Assists in the development and implementation of information risk policies, procedures, processes and programs to ensure availability, confidentiality, integrity

Consults on one or more highly specialized phases on information risk management which many include hardware/software testing and evaluation, information risk education and awareness, incident response, policy and standards development, risk assessment and mitigation strategies. Responsibilities include developing solutions for use within an enterprise environment as well as application & business specific needs

Assists in the establishment of the overall framework for the protection of Community Health Systems information assets through architecture, policies, standards, risk assessments, monitoring, certification and technology

Provides mitigation solution oversight and direction for enterprise-wide information risk management technology. Assists in long-term strategic planning activities for the development and implementation IS risk architecture and technology guidelines

Undertakes complex information risk projects involving multiple disciplines and may impact multiple business units. Responsible for the selection, direction and performance of information risk management projects. Responsible for change management, configuration management, performance analysis, physical planning, national vendor management, inventory control, technical standards, procedures, and product evaluations

Acts as a source of direction, training, and guidance for less experienced staff

Performs other duties as assigned

Qualification

Information risk managementCybersecurityTechnical consultingRisk assessmentCISSPCISAData AnalyticsCommunication skillsProject managementRelationship building

Required

Bachelor's or master's degree in Computer Science, Information Systems, or other related field preferred

8-10 years of progressive work experience in a combination of risk management, information security, and business/IT consulting roles

Must have proven knowledge in Information risk components, principles, procedures and practices

Demonstrated ability to understand business processes and align security priorities with strategic business objectives

Excellent written and verbal communication skills. Must be able to effectively communicate technical concepts to a non-technical audience

Excellent ability to communicate complex, technical concepts to non-technical audiences and influence outcomes without direct authority

Proven experience building and maintaining strong professional relationships as a trusted advisor

Must have demonstrated knowledge in information controls and audit methodology for business systems and data processing environments

Must have a broad knowledge in information technology and risk trends

Must have familiarity of, budgeting and financial analysis concepts and techniques

Intermediate knowledge of laws, regulations, and standards relevant to the healthcare industry

Preferred

Experience in a role requiring direct partnership with business stakeholders

3-5 years of project management experience preferred

Data Science/Data Statistics/Data Analytics

ICertified Information Systems Security Professional® (CISSP) Certified Information Systems Auditor® (CISA) GSEC GIAC Security Essentials Certified PCIP PCI Professional Training HCISPP Healthcare Information Security and Privacy Practitioner