The Security Manager is responsible for managing the design, implementation and audit of the security and confidentiality of information and systems. This information may be in any electronic form such as: images, voice dictation, voice mail, electronic mail, or fax. This entails planning, reviewing and controlling the activities and conduct of project team members and/or team leaders charged with the analysis, requirements definition, selection, and implementation. This also requires assistance in the management of projects, contracts and budgets. The Security Manager is responsible for measuring the effectiveness of, and recommending pre and post-implementation and post-audit strategies for enhancing the security of all assigned computer system application programs, technologies and systems required to support the needs of the organization. This position is responsible for providing ongoing managerial, technical and motivational leadership, in line with the organization's values and goals, to assure the consistent delivery of high quality services by a highly qualified trained and committed professional staff. The Security Manager must keep up to date with regulations, rules, and standards related to information and system security practices. He/she must understand strategic security goals in order to lead in directing and implementing the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure, or destruction. The Security Manager is responsible for delivering high quality, cost effective solutions to all levels of users. This includes support for both the technology and processes. The Security Manager is also responsible for supporting the business goals and objectives for the Department, the Information Services Organization, and the organization as a whole.
Provide input into the information system vision and strategy of the organization.
Plan, prioritize, manage and schedule projects, service requests, and routine assignments. Manage assigned technical, supervisory, administrative and financial resources to meet approved corporate and regional schedules and goals. Develop and implement effective written mechanisms to document and report on all plans, priorities, schedules and the current status of all projects and assignments. Assist with the development, implementation, communication and promotion of strategic and tactical plans as related to information security, change management, disaster recovery, and audit across the enterprise.
Develop and manage detailed budgets, tracking all capital and operational expenditures and regularly reporting the budgetary status of all assigned project budgets including hardware, software and support components.
Plan and manage the development and delivery of security, Disaster recovery, audit, and educational programs for enterprise implementation. Provide ongoing leadership and motivation to ensure that the staff is focused committed and capable of producing expected results. Create and maintain a teamwork environment conducive to productive output, successful staff advancement and a rewarding work experience. Communicate, orally and in writing, with all staff levels to provide understanding and ownership of departmental and corporate objectives. Establish and enforce department policies, procedures and standards.
Interface with and support staff in all areas and at all levels in the definition of requirements, selection, design, development, implementation, and support of information systems. Provide technical oversight of system architectural development and technical guidance on problem definition and resolution. Provide enterprise management and oversight of Disaster recovery plan development, documentation, and testing.
Provide effective oral and written communications to staff to facilitate understanding, ownership and accomplishment of project goals and objectives. Demonstrate strong interpersonal skills, possess good negotiating skills and promote teamwork among subordinates. The Security Manager must be self-motivated, capable of independent thinking, and able to provide cross-functional, system-wide evaluation and review of processes and issues.
Develop and implement standards and procedures for technical and operational problem solving tools and communication techniques. Maintain follow-up process for system deficiencies and end user trouble reports. Analyze and recommend procedural standards and changes to enhance user tasks and correct problem areas, as they become known.
Contact vendors regarding service issues to receive support information or assistance.
Assist in the negotiation of contracts for the acquisition of information systems, including software, hardware and support services, following established processes.
Establish and monitor department quality objectives, milestones and benchmarks. Develop and implement effective tools to measure performance against these standards, and to document and regularly report on all plans, priorities, schedules, budgets, staff assignments, programs and the current status of projects and routine assignments. Maintain a roll-up reporting mechanism from technical, clinical and facility staff for system level statistical reporting of security monitoring, security incidences and audit issues.
Contact vendors regarding service issues to receive support information or assistance as instructed by the supervisor.
Interface with user community and IM management to understand their security needs and develop processes for IM implementation to accommodate them. Lead in the development of procedures and standards that ensure accurate evaluation of the level of security required for clinical, business and technical processes.
Define boundaries, set priorities, plan, and manage multiple projects. Develop detailed project schedules for all assigned projects, mapping dates and resources to tasks. Monitor progress and resolve approved deviations from plan.
Maintain and demonstrate good teamwork on assigned projects through actions and job performance.
Lead in the development and administration of an effective Customer Service Plan which includes provisions to accept, record, prioritize, assign, track, resolve and report on customer service problems and issues. Lead in the establishing of departmental programs, which promote and emphasize the commitment to exceptional customer service standards.
Perform other duties and special projects as assigned by the Director of Enterprise Security.
Bachelor degree in computer science, information systems or a related field preferred or equivalent experience (10 years) recommended
Formal technical education or experience in auditing, computer science or information systems technical security analysis and management preferred
Working knowledge of one or more of these preferred: application development tools and methodologies, implementation of healthcare information systems security, network, operating system, Internet and firewall technical security mechanisms
An advanced Information Systems, Clinical, or Business degree will be considered an asset.
Strong technical background.
Possess an understanding of the health care disciplines and processes that are being served by the assigned computer applications
Problem solving skills
Patience, strong customer service skills
Ten years of employment experience in systems audit, development or implementation activities in a healthcare clinical, business, or technical security management environment.
Five years successful management/leadership experience in a healthcare information systems role recommended.
CHRISTUS HEALTH is an international Catholic, faith-based, not-for-profit health system comprised of almost more than 600 services and facilities, including more than 60 hospitals and long-term care facilities, 350 clinics and outpatient centers, and dozens of other health ministries and ventures. CHRISTUS operates in 6 U.S. states, Colombia, Chile and 6 states in Mexico. To support our health care ministry, CHRISTUS Health employs approximately 45,000 Associates and has more than 15,000 physicians on medical staffs who provide care and support for patients. CHRISTUS Health is listed among the top ten largest Catholic health systems in the United States.