Assistant Information Security Officer - Temporary/Contract
Develops, implements, maintains, and assures compliance with FMCNA’s policies and procedures covering the security of protected health information in accordance with federal and state privacy laws and regulations.
PRINCIPAL DUTIES AND RESPONSIBILITIES:
Manages the development, implementation and maintenance for the security of protected health information. Maintains:
- Risk assessments and action plans, policies and procedures.
- Training programs and communication strategies.
- Self-monitoring programs.
- Provides project management for new security initiatives. Has wide-ranging experience and uses professional concepts in developing resolutions to critical issues and broad design matters.
- Manages security documentation in compliance with regulatory obligations.
- Manages the development of security training and communication.
- Delivers information security training as necessary.
- Oversees or leads, as appropriate, information security investigations, coordinating with various staff and management within other departments as needed.
- Leads the HIPAA Security IT Steering Committee.
- Coordinates with IS/IT staff on technical aspects of HIPAA Security Rule requirements as necessary.
- Assists in the development of information security audit plans and the development of reports to the Corporate Compliance Committee and Board on matters of information security.
- Works with consultants hired to assist FMCNA in the areas of information security.
- Provides information security expertise and acts as a resource (maintaining current knowledge) regarding:
  - Federal and state information security-related laws, regulations, and issues.
  - Information security technologies.
  - Security developments and best practices.
- Participates in outside professional organizations to develop and maintain proficiencies.
- Provides assistance to other staff with complex tasks that require considerable judgment and initiative.
- May escalate difficult/complex issues to supervisor/manager for resolution, as deemed necessary.
- Mentors other staff as applicable.
- Reviews and complies with the Code of Business Conduct and all applicable company policies and procedures, local, state and federal laws and regulations.
- Assists with various projects as assigned by a direct supervisor.
- Other duties as assigned.
Additional responsibilities may include focus on one or more departments or locations. See applicable addendum for department or location specific functions.
PHYSICAL DEMANDS AND WORKING CONDITIONS:
- The physical demands and work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
- Up to 25% travel as required.
Bachelor’s Degree required; Advanced Degree preferred
EXPERIENCE AND REQUIRED SKILLS:
- 8 – 12 years’ related experience; or a Master’s degree with 6 years’ experience; or a PhD with 3 years’ experience; or equivalent directly related work experience.
- In-depth knowledge of the HIPAA Security Rule and other information security-related state and federal regulations.
- Strong information security technical knowledge; CISSP (Certified Information Systems Security Professional) or CISM (Certified Information Security Manager) preferred.
- Project management.
- Microsoft Office computer skills.
- Able to communicate clearly, make oral presentations and prepare concise, detailed written reports.
- Demonstrated organization, facilitation, communication and presentation skills.
- Detail oriented.
- High degree of integrity.
- Self-motivation and initiative.
EO/AA Employer: Minorities/Females/Veterans/Disability/Sexual Orientation/Gender Identity
Fresenius Medical Care North America
Dialysis services, products, pharmaceuticals, and associated therapies
Company Type: Public Company
Company Size: 10,001+