We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results
New

Assistant Vice President Information Security

University of Texas Southwestern Medical Center
parental leave, paid time off, paid holidays, tuition reimbursement
United States, Texas, Dallas
5323 Harry Hines Boulevard (Show on map)
Nov 24, 2024

WHY UT SOUTHWESTERN?
With over 75 years of excellence in Dallas-Fort Worth, Texas, UT Southwestern is committed to excellence, innovation, teamwork, and compassion. As a world-renowned medical and research center, we strive to provide the best possible care, resources, and benefits for our valued employees. Ranked as the number 1 hospital in Dallas-Fort Worth according to U.S. News & World Report, we invest in you with opportunities for career growth and development to align with your future goals. Our highly competitive benefits package offers healthcare, PTO and paid holidays, on-site childcare, wage, merit increases and so much more. We invite you to be a part of the UT Southwestern team where you'll discover a culture of teamwork, professionalism, and a rewarding career!

JOB SUMMARY
Work under limited supervision in the analysis, design, planning, implementation, and continuous monitoring of required regulatory controls of all facets of the information security program within the Health System. Also, plan, coordinate, and direct all daily operational activities of the institution's information security risk management program and provide direction and solutions that enhance mission-critical operations across the institution. Reporting to the UT Southwestern Institutional Chief Information Security Officer, work closely with clinical operations and health system information resources leadership teams and other key business decision-makers in identifying and implementing cost-effective technology and risk management processes to achieve and maintain at least the minimal level of required compliance. This position oversees the information security risk management and analysis processes, governance, risk, and compliance for the institution. Will also provide oversite and risk management consultation for research and academic lines of business.

QUALIFICATIONS

EXPERIENCE AND EDUCATION
Required



  • Education
    Bachelor's Degree in related field


  • Experience
    7 years of related information security experience and
    2 years in a management/leadership position, with supervisory experience


Preferred



  • Education
    Master's Degree


  • Licenses and Certifications
    (CISSP) CERT INFO SYSTEMS SECURTY PROF Upon Hire or
    CISM Upon Hire or
    (CRISC) CERT RISK & INFO SYSTM CONTROL Upon Hire or
    other industry certifications Upon Hire


JOB DUTIES




    • Serves as the Chief Information Security Officer for the Health System. Collaborates with clinical operations and health system information resources leadership teams and business units to ensure alignment of information security initiatives with business objectives and ensures integration into the institution's operations. Articulates the need, value, and impact of cybersecurity and serves as an advocate and champion for cybersecurity efforts to ensure regulatory compliance.
    • Advises senior leadership on complex issues requiring advanced knowledge of risk management, threat modeling, and disaster recovery planning, which may have long-term impacts.
    • Provides strategic guidance and advocacy regarding the prioritization of investments that impact information security in the health system. Represents the cybersecurity function in meetings and presentations with senior management and external stakeholders.
    • Leads the development and maintenance of security policies, standards, and procedures to meet applicable compliance requirements.
    • Develops and maintains security KPIs/metrics and reporting to track the effectiveness of the security program.
    • Identify and assess information security risks and develop risk management strategies. Monitors the threat landscape and emerging security trends to proactively identify and mitigate risks.
    • Identifies continuous improvement opportunities including enhancements, automation, artificial intelligence, machine learning, streamlining workflows, and collaborating with stakeholders to improve and mature the institution's cybersecurity function.
    • Oversees and conducts regular information security risk assessments to ensure adherence with security frameworks, regulatory requirements, and industry standards, and ensure timely resolution of identified vulnerabilities.
    • Coordinates the successful completion of interdepartmental information security projects with resources from other departments and external service providers.
    • Develop, lead, and contribute to efforts to advance the Information Security strategy and overall roadmap and ensure proper alignment with institutional risk appetite, mission, and compliance requirements.
    • Maintain in-depth knowledge of industry best practices related to cybersecurity architecture, governance, risk, and compliance functions.
    • Develop and expand external information security relationships with Federal, State, law enforcement, non-governmental and non-profit organizations with an information or cybersecurity mission.
    • Partner with Information Resources Chief Enterprise Architect to establish and document information security operational standards and procedures for the implementation of technical solutions.
    • Assist with planning annual capital and operating budgets for the information security department. Serve as liaison and negotiator with institution vendor partners.
    • Participate as needed in Health System and Institution strategic planning initiatives.
    • Organize assigned cyber architecture, governance, risk, and compliance personnel for optimal performance. Create and sustain a strong technical organization that includes coaching, mentoring and viable succession planning for key roles.
    • Functions as the Deputy Institutional Chief Information Security Officer. In the absence of the Institutional Chief Information Security Officer will serve in that role as a proxy.
    • Perform other duties as assigned



KNOWLEDGE, SKILLS AND ABILITIES


    • Work requires the ability to ensure adherence to all policies and procedures of university.
    • Work requires the ability to effectively interpret and apply organizational policies, procedures, and systems.
    • Work requires proven supervisory, customer service, and written and verbal communication skills.
    • Work requires the ability to plan, organize, coordinate, and supervise the work of employees as necessary to ensure desired results are achieved.
    • Work may require telephone and personal contact with all levels of internal and external personnel and organizations.
    • Work may require the ability to monitor and maintain budget.


PHYSICAL DEMANDS/WORKING CONDITIONS

  • Physical Demands
    Handling
    Talking


  • Working Conditions
    Office Setting

PACT STATEMENT
    The following is the acronym, "PACT", and is fundamental to all non-clinical positions at UT Southwestern Medical Center:
  • P-Problem Solving: Employees take ownership in solving problems effectively, efficiently, and to the satisfaction of customers, or managers. They show initiative in addressing areas of concern before they become problems.
  • A-Ability, Attitude and Accountability: Employees exhibit ability to perform their job and conduct themselves in a professional and positive manner reflecting a professional environment readily assuming obligations in a dependable and reliable manner.
  • C-Communication, Contribution, and Collaboration: Who are our Customers? Anyone who requests our help, needs our work product, or receives our services. Employees focus on customer service with creative solutions while improving the customer experience through clear, courteous, and timely delivery and communication. Sharing ideas with others helps expand our contribution to department goals.
  • T-Teamwork: Employees work to contribute to the department's success by supporting co-workers, promoting excellence in work product and customer service, and in maintaining a satisfying, caring environment for each other.

SECURITY AND EEO STATEMENT
Security
This position is security-sensitive and subject to Texas Education Code 51.215, which authorizes UT Southwestern to obtain criminal history record information.

EEO Statement
UT Southwestern Medical Center is committed to an educational and working environment that provides equal opportunity to all members of the University community. As an equal opportunity employer, UT Southwestern prohibits unlawful discrimination, including discrimination on the basis of race, color, religion, national origin, sex, sexual orientation, gender identity, gender expression, age, disability, genetic information, citizenship status, or veteran status.

Benefits
    UT Southwestern is proud to offer a competitive and comprehensive benefits package to eligible employees. Our benefits are designed to support your overall wellbeing, and include:
    • PPO medical plan, available day one at no cost for full-time employee-only coverage
    • 100% coverage for preventive healthcare - no copay
    • Paid Time Off, available day one
    • Retirement Programs through the Teacher Retirement System of Texas (TRS)
    • Paid Parental Leave Benefit
    • Wellness programs
    • Tuition Reimbursement
    • Public Service Loan Forgiveness (PSLF) Qualified Employer
    • Learn more about these and other UTSW employee benefits!
Applied = 0

(web-5584d87848-llzd8)