Director of IT Cyber Security - Hybrid Role - Remote/On Site
As Mount Sinai grows, so does our legacy in high-quality health care.
Since 1949, Mount Sinai Medical Center has remained committed to providing access to its diverse community. In delivering an unmatched level of clinical expertise, our medical center is committed to recruiting and training top healthcare workers from across the country. We offer the latest in advanced medicine, technology, and comfort in 12 facilities across Miami-Dade (including our 674-bed main campus facility) and Monroe Counties, with 38 medical services, including cancer care, 24/7 emergency care, orthopedics, cardiovascular care, and more. Mount Sinai takes pride in being South Florida's largest private independent not-for-profit hospital, dedicated to continuing the training of the next generation of medical pioneers.
Culture of Caring: The Sinai Way
Our hardworking, tight-knit community of more than 4,000 dedicated employees fosters an environment of care and compassion. Each member plays a vital role in our collective mission to deliver excellent healthcare through innovation, education, and research. At Mount Sinai, we take pride in our achievements, aiming to be a beacon of quality healthcare in South Florida. We welcome all healthcare professionals to join our thriving community and contribute to our pursuit for clinical excellence.
Responsibilities:
- Establish and maintain close working relationship with Privacy officer, compliance officer, internal audit, external audit, and other related constituencies.
- Serve as chair of hospital-wide security committee and participate in Board-level audit and compliance committees as required
- Serve as HIPAA Security Officer and ensure all aspects of HIPAA compliance are maintained
- Develop and maintain an IT Security Program that addresses the needs for assessment, prevention, detection, and response to security matters
- Establish a policy program and ensure all IT and Security policies are up-to-date, accurate, and communicated/trained throughout the organization - Implement Risk Assessment and Management policies
- Perform regular and complete risk and vulnerability scans, and provide detailed action plans to remediate risks
- Develop and publish a Security Scorecard that measures the security risks and associated KPIs
- Implement policies and procedures related to user access, including role-based access profiles, user provisioning/de-provisioning processes, SSO, and regular user access audits
- Lead IT incident investigations, working with internal and external groups, including forensics, eDiscovery, etc
- Lead breach reporting and remediation plans when necessary
- Establish security standards as it relates to network, server, workstations, end user devices, OS, etc. and ensure contracts include standard language for all new systems to define security configurations
- Manage and perform assessments for all new system implementations prior to go-live
- Develop a comprehensive security awareness training program, including materials, new hire orientation presentation, Leadership materials, Board briefings, and housing content on a security awareness intranet site
- Serve as point of contact for vendors and service providers regarding IT Security matters
Qualifications:
- CISSP desired
- Bachelor’s Degree in related discipline Master’s Degree preferred
- Hospital experience preferred
- Minimum of 8 years of IT Security experience in a leadership role
- Responsible for personal travel expenses when required to work onsite
Benefits
We believe in the physical and mental well-being of our employees and are committed to offering comprehensive benefits that fit their personal needs. Our robust employee benefits package includes:
- Health benefits
- Life insurance
- Long-term disability coverage
- Healthcare spending accounts
- Retirement plan
- Paid time off
- Pet Insurance
- Tuition reimbursement
- Employee assistance program
- Wellness program
Read Full Description