The IT Information Security unit assesses risks to University information assets and works closely with a broad range of University constituencies to implement appropriate administrative, technical, and physical controls to comply with laws, regulations, funding agency requirements and security policies. The office develops, implements, and maintains a comprehensive information security program and establishes policies, procedures, training, and awareness initiatives designed to protect University information resources, limit liability, and prevent legal and regulatory violations. In addition, the office defines, promotes, and enforces policies and standards to manage risks throughout the digital identity lifecycle, including user identification and authentication, user privileges and account management, in accordance with laws, regulations and contractual obligations.
Under limited direction from the Chief Information Security Officer, the Associate Chief Information Security Officer & HIPAA Security Officer is charged with providing strategic direction and setting priorities for University of Delaware PHI (Protected Health Information) cybersecurity efforts. The Associate CISO & HIPAA Security Officer works collaboratively with technical, non-technical and clinical colleagues to protect information assets and provide relevant services to the University health care components. The incumbent approaches information security in a holistic, risk-based manner, giving priority to efforts with the greatest impact across the University. The incumbent is responsible for leading the development, implementation, and maintenance of cybersecurity strategy for University of Delaware health care components, and will also work closely with the CISO in support of the overarching Information Security Program.
The Associate CISO & HIPAA Security Officer will serve as the lead for the health care component Information Security Program initiatives and oversight, and take the lead in developing and implementing a risk management framework, with an emphasis on PHI data security.
Serve as the University’s designated HIPAA Security Officer.
Provide vision and strategic direction in the areas within this position's portfolio.
Participate in strategic planning and development of annual goals and objectives for the Information Security Program, with special attention to providing leadership for those related to the areas within this position's portfolio.
Ensure delivery of a suite of highly aligned services including superior customer experience and support for external and internal customers
Information Security and Cybersecurity Oversight:
Determine, formulate and administer information security policies and procedures to mitigate risks and ensure the security and privacy of the health care components’ data assets.
Ensure compliance with University policy; federal and state requirements such as HIPAA.
Lead the development, implementation, and maintenance of elements associated with the University's formal campus-wide information security program to protect University of Delaware health care component information assets.
Coordinate responses to cybersecurity incidents and data breaches for health care components.
Work closely with other university offices on matters involving confidential/sensitive data.
Serve as a liaison to federal, state, local, and professional organizations for information security/cybersecurity matters.
Collaborate with all members of the Information Security team and IT staff across campus to develop procedures, standards, processes and communication paths to forward security work and the work of the broader division and to achieve information security goals without duplicating efforts.
Establish a repeatable method for measuring and communicating risk to senior leadership, and effectively communicate that risk to the appropriate risk owners.
Identify risks to sensitive data, and establish methods for mitigation and reduction of risk-items that are deemed unacceptable.
Identify applicable administrative and technical controls.
Serve as an advisor to the institution regarding cybersecurity practices and controls.
Outreach and Professional Development
Participate, as appropriate, in internal and external professional activities, such as an author, committee member, search chair, meeting or conference presenter, staying abreast of emerging developments within the field, and educating the SBM community.
Represent the University on a local, regional, and national level and provides leadership in national collaborative efforts with other institutions and agencies.
Evaluate employee performance and provide guidance and feedback.
Develop and implement appropriate professional development and training programs for direct reports.
Empower and lead team to achieve objectives. Communicate management decisions to staff, and staff concerns to management.
Measures the success of program efforts and makes adjustments when appropriate.
Establish and maintain appropriate working relationships with colleagues and users and propagates and follows University policies and procedures governing IT efforts. Participates in IT and University-wide planning and governance as appropriate by participating in committees and task forces and forming partnerships with colleagues on campus.
Other duties or projects as assigned as appropriate to rank and department mission.
Bachelor's degree with seven years of full-time, increasingly complex information security/cybersecurity experience, or equivalent combination of education and experience.
One or more active cybersecurity certifications (e.g. CISSP, CISM, HCISPP, GSEC, etc.).
Information security/cyber security experience in a healthcare organization, or a complex, distributed Higher Education/Academic environment is preferred.
Experience evaluating and managing cyber risk, and working within industry-standard frameworks (e.g. NIST Cybersecurity Framework, CIS Top 20, NIST 800-XX, etc.).
Experience working, collaborating, and establishing credibility and relationships with senior leadership, colleagues and customers.
Experience successfully building consensus among a large number of diverse colleagues, senior leadership and outside agencies to address and resolve issues.
Strategic and analytical thinking skills with an ability to solve problems and make effective decisions.
Experience developing information security policy is preferred.
Experience presenting information security/cybersecurity information and concepts is preferred.
Experience mentoring information technology professionals.
Excellent interpersonal and customer service skills
Strong organizational skills with an exceptional attention to detail.
Ability to work independently as well as part of a team with a collaborative approach to problem solving.
Internal Number: 494598
About University of Delaware
The University of Delaware has a great tradition of excellence, from our roots extending back to a small private academy started in 1743, to the research-intensive, technologically advanced institution of today. Our alumni tell our story of achievement, from our first class, which included three signers of the Declaration of Independence and one signer of the U.S. Constitution, to the more than 154,000 living Blue Hens who are making vital contributions to the world. Vice President Joseph R. Biden Jr. and his wife, Jill, are both UD alumni. The University received its charter from the State of Delaware in 1833 and was designated one of the nation’s historic Land Grant colleges in 1867. Today, UD is a Land Grant, Sea Grant and Space Grant institution. The Carnegie Foundation for the Advancement of Teaching classifies UD as a research university with very high research activity—a designation accorded less than 3 percent of U.S. colleges and universities. UD ranks among the nation’s top 100 universities in federal R&D support for science and engineering. A state-assisted, privately governed institution, UD offers a broad range of degree programs: 3 associate programs, 147 bachelor’s p...rograms, 119 master's programs, 54 doctoral programs, and 15 dual graduate programs through our seven colleges and in collaboration with more than 70 research centers. Our student body encompasses more than 17,000 undergraduates, more than 3,600 graduate students and nearly 800 students in professional and continuing studies from across the country and around the globe. Our distinguished faculty includes internationally known authors, scientists and artists, among them a Nobel laureate, Guggenheim and Fulbright fellows, and members of the National Academy of Sciences, National Academy of Engineering and the American Association for the Advancement of Science. State-of-the-art facilities support UD's academic and public service activities. Our 146-foot coastal research vessel, Hugh R. Sharp—the most advanced in the U.S.—helps scientists across the region explore the sea. World-class figure skaters train at our High Performance Figure Skating Center. Partnerships with Nemours/A. I. du Pont Hospital for Children, Christiana Care and Thomas Jefferson University; the U.S. Army; Winterthur; Longwood Gardens and Hagley Museum offer unparalleled experiences in health sciences, defense research, art conservation, horticulture and history. The University is now transforming a 272-acre parcel, the site of a former auto assembly plant, into the Science, Technology and Advanced Research (STAR) Campus. Distinguished speaker series, symposia, 21 intercollegiate athletics programs and numerous intramural and club sports, more than 300 student organizations, concerts, exhibits and other arts and cultural activities enrich campus life.Thomas Jefferson once described Delaware as a "jewel" among states due to its strategic location on the East Coast, halfway between Washington, D.C., and New York City. Today, however, the location of Delaware's flagship university increasingly is invoked as "halfway between Los Angeles and London."In addition to our Georgian-inspired main campus in Newark, Del., UD has locations across the state--in Wilmington, Dover, Georgetown and Lewes. A thriving study-abroad program and expanding international partnerships further enhance our students' education as global citizens. We invite you to visit our campus or take our virtual tour today! http://video.realviewtv.com/education/udel/