Information Security Officer INTERNAL APPLICANTS ONLY
EMPLOYER-PAID PENSION PLAN ( NEVADA PERS)
COMPETITIVE SALARY & BENEFITS PACKAGE
**INTERNAL CANDIDATES ONLY**
As an academic medical center with a rich history of providing life-saving treatment in Southern Nevada, UMC serves as the anchor hospital of the Las Vegas Medical District, offering Nevada's highest level of care to promote successful medical outcomes for patients.
We are home to Nevada's ONLY Level I Trauma Center, Designated Pediatric Trauma Center, Burn Care Center, and Transplant Center. We are a Pathway Designated facility by ANCC, and we are on our journey to Magnet status.
This position is considered AT-WILL and will serve at the pleasure of the CEO.
Plans, organizes and directs the activities of the information security management office for the University Medical Center of Southern Nevada. Research and evaluate procedural and technical solutions that can be applied on the hospital networks, manage the hospital's response to security incidents and maintain configuration control of security devices and software applied to centralized network and systems that support UMC and its mission and strategies. Work with hospital leadership to educate workforce, partners and Business Associates regarding information security-related roles and responsibilities. Provides expert professional assistance and guidance to management on information security
Equivalent to a Bachelor's Degree in computer science, information systems, or a closely related field and six (6) years of experience in information security administration roles, at least two (2) years of which were in a supervisory/managerial role.
Professional level experience is defined as being employed in an FLSA exempt/salaried status position.
Certified Information Systems Security Professional (CISSP) Certification, ISACA Certified Information Security Manager (CISM), or equivalent professional information security certification strongly preferred.
Additional and/or Preferred Position Requirements
- Intermediate to expert level experience with payment card compliance and PCI DSS (payment card industry data security standards)
- Intermediate level experience with cloud security practices and securing SaaS (software as a service) solutions
Knowledge, Skills, Abilities, and Physical Requirements
leadership and managerial theories and principles; strategic planning theories and principles; all aspects of computer and network security including such areas as firewall administration, encryption technologies and network protocols and other industry-standard techniques and practices; network, PC, and platform operating systems ; applicable practices and laws relating to data privacy and protection; enterprise information security systems and implementation; securing different types of systems like web, database and remote access systems; Industry standard Security policies and procedures; technical background including networking architecture, authentication practices and security administration; department and hospital safety practice and procedures; patient rights; age specific patient care practices; infection control policies and practices; handling, storage, use and disposal of hazardous materials; department and hospital emergency response policies and procedures.Skill in:
developing and enforcing departmental policies and procedures; conduct research into security issues and products as required; analyze, establish requirements; security assessments and recommendations; define risks and design solutions; educate various personnel regarding information security; work closely with business and IT people at many levels within an organization; be decisive and be comfortable working in a team or independently; establishing and maintaining effective working relationships with all personnel contacted in the course of duties; communicating effectively in oral and written form; using computers and related software applications; communicating with a wide variety of people from diverse socio-economic and ethnic backgrounds; establishing and maintaining effective working relationships with all personnel contacted in the course of duties; efficient, effective and safe use of equipment.
Physical Requirements and Working Conditions:
Mobility to work in a typical office setting and use standard equipment, mobility to drive a motor vehicle to attend meetings and off-site events; stamina to remain standing and seated and maintain concentration for an extended period of time, vision to read printed materials and a VDT screen, and hearing and speech to communicate in person or over the telephone. Exert up to 20 pounds of force occasionally, and/or up to 10 pounds of force frequently, and/or an eligible amount of force constantly to move objects. Attend meetings and events outside of normal working hours.
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of this classification.
Please note: This is an EXEMPT position which is not covered by the union. Applicants for employment to non-union eligible positions are not eligible for longevity benefits. Current UMC employees who have not qualified for longevity payments (do not have 8 full years of creditable service) and who voluntarily transfer, promote, demote or are reassigned into a non-union eligible position will not receive the longevity benefit.
Closing Date/Time: 9/15/2023 5:00 PM Pacific