Receive alerts when this company posts new jobs.
Information Technology Security Officer
at Jemez Pueblo
- Job ID
- # of Openings
- Health Care
This position is responsible for the creation and execution of policies, procedures, and technical systems that ensure the security of electronic Protected Health Information (ePHI), in order to maintain the confidentiality, integrity, and availability of all organizational healthcare information systems. Establishes and implements appropriate administrative, physical and technical guards, including data encryptions, firewalls, and virus protection, to safeguard patient information.
- Responsible for implementing, managing, and enforcing information security directives as mandated by HIPAA.
- Ensures the ongoing integration of information security with business strategies and requirements.
- Develops and implements policies and procedures to safeguard protected health information (PHI).
- Ensures that the access control, disaster recovery, business continuity, incident response and risk management needs of the organization are properly addressed.
- Leads information security awareness and training initiatives to educate workforce about information risks.
- Performs ongoing information risk assessments and audits to ensure that information systems are adequately protected and meet HIPAA certification requirements.
- Develops and implements actions plans and enforces procedures that reduce threats and vulnerabilities to a reasonable level to confirm to 45 CFR 164.306(a).
- Works with vendors, outside consultants, and other third parties to improve information security within the organization.
- Leads an incident response team to contain, investigate, and prevent future computer security breaches.
- Represents the Pueblo with dignity, integrity, and a spirit of cooperation in all relationships with staff and the public.
- Oversees the compliance of Business Associates.
- Addresses concerns associated with access controls, business continuity, incidence response and disaster recovery plan.
- Works with the JHHS Privacy Officer to complete risk assessments, conduct security awareness training, and ensure HIPAA compliance.
- Assesses data breaches and enforces actions to prevent future occurrences.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.
Education and Experience:
Bachelor’s Degree in information technology, computer science, or a closely related field; AND five (5) years of management-level information technology experience.
Required Knowledge and Skills
- In-depth knowledge of the HIPAA Security Rule and other government technology laws.
- Experienced in the management of both physical and logical information security systems.
- Strong technical skills (application and operating system hardening, vulnerability assessments, security audits, TCP/IP, intrusion detection systems, firewalls, etc.)
- Outstanding interpersonal and communication skills.
- Excellent documentation skills.
- Ability to weigh business risks and enforce appropriate information security measures.
REQUIRED CERTIFICATES, LICENSES, AND REGISTRATIONS:
- New Mexico Driver’s License.