Vacancy expired!
Penn Medicine is dedicated to our tripartite mission of providing the highest level of care to patients, conducting innovative research, and educating future leaders in the field of medicine. Working for this leading academic medical center means collaboration with top clinical, technical and business professionals across all disciplines.
Today at Penn Medicine, someone will make a breakthrough. Someone will heal a heart, deliver hopeful news, and give comfort and reassurance. Our employees shape our future each day. Are you living your life's work? Position Description: Working under limited supervision, the Senior Information Assurance Advisor will be responsible for addressing information security risk across the organization. This position will assist with security awareness, policy development, regulatory and standards compliance, risk assessments, security risk analysis, vendor risk management and other related information assurance activities.Accountabilities• Perform regulatory compliance and security framework assessments as needed to identify and mitigate risk to Penn Medicine information assets• Communicate regularly and effectively with information technology stakeholders and data owners, and non-technical contacts to reduce information technology risks• Initiate, maintain, and enhance security awareness, training and education programs• Assist team members in advancing information assurance program• Collaborate with information security teammates to mitigate network and endpoint security risks• Work with third-party vendor, business associates, and other partners to assess information risk and make recommendations on remediation guidance• Performs duties in accordance with Penn Medicine and entity values, policies, and procedures• Other duties as assigned to support the unit, department, entity, and health system organizationUPHS OrganizationalWorking under moderate supervision, the Information Assurance Advisor will be will be responsible for addressing information security risk across the organization. This position will assist with security awareness, policy development, regulatory and standards compliance, risk assessments, security risk analysis, vendor risk management and other related information assurance activities.Accountabilities• Perform regulatory compliance and security framework assessments as needed to identify and mitigate risk to Penn Medicine information assets• Communicate regularly and effectively with information technology stakeholders and data owners and non-technical contacts to reduce information technology risks• Initiate, maintain and enhance security awareness, training and education programs• Assist team members in advancing information assurance program• Collaborate with information security teammates to mitigate network and endpoint security risks• Work with third-party vendor, business associates, and other partners to assess information risk and make recommendations on remediation guidance• Performs duties in accordance with Penn Medicine and entity values, policies, and procedures• Other duties as assigned to support the unit, department, entity, and health system organizationWorking under close supervision the Associate Information Assurance Advisor will be responsible for addressing information security risk associated with internal business people, process, and technology. This position will assist with security awareness, policy development, regulatory compliance, risk assessments/analysis, vendor risk management and other IA related matters. Additional duties will include vulnerability management, architectural review of technologies with a focus on network and data security, and data identification/classification. As an associate advisor, this position will also take on an operational role within the Information Assurance team to enhance overall customer service and support.Accountabilities• Perform regulatory compliance and security framework assessments as needed to identify and mitigate risk to Penn Medicine information technologies• Communicate regularly and effectively with information technology stakeholders and data owners, and non-technical contacts to reduce information technology risks• Initiate, maintain, and enhance security awareness, training and education programs• Assist team members in advancing information assurance program• Collaborate with information security teammates to address network and endpoint security risks• Work with third-party vendors and partners to assess risk and make recommendations on remedial guidance• Other duties as assigned to support Penn Medicine IS needs• Performs duties in accordance with Penn Medicine and entity values, policies, and procedures• Other duties as assigned to support the unit, department, entity, and health system organization Minimum Requirements: Senior Information Assurance Advisor Required Education and Experience• Bachelor's Degree is required (preferably in Information security, information assurance, or technology).• Current Internal Penn Medicine Information Services division employees may be considered with proof of active and continued enrollment in an approved bachelor degree program.• 5+ years of Information technologies, risk management, and compliance is required.• 3+ years' Experience in healthcare or academia is preferred.• 3+ years Familiarity with information security regulations and frameworks such as: HIPAA, PCI-DSS, HITRUST, NIST, ISO, etc., is preferred. Licenses, Registrations, and Certifications • Information security-related certifications such as CISSP, HCISPP, CISM, CISA, etc, is required.Required Skills and Abilities• Demonstrated interpersonal/verbal communication skills• Demonstrated written communication skills• Ability to troubleshoot, research and solve technically challenging problems• Demonstrated time management and priority setting skills• Ability to work in a fast-paced environment with changing priorities• Ability to work as part of a teamInformation Assurance Advisor Required Education and Experience• Bachelor's Degree is required (preferably in Information security, information assurance, or technology).• Current Internal Penn Medicine Information Services division employees may be considered with proof of active and continued enrollment in an approved bachelor degree program.• 3+ years of Information technologies, risk management, and compliance is required.• 0-1-year Experience in healthcare or academia is preferred.• 0-1-year Familiarity with information security regulations and frameworks such as: HIPAA, PCI-DSS, HITRUST, NIST, ISO, etc., is preferred. Licenses, Registrations, and Certifications • Information security-related certifications such as CISSP, HCISPP, CISM, CISA, etc, is preferred.Required Skills and Abilities• Demonstrated interpersonal/verbal communication skills• Demonstrated written communication skills• Demonstrated interpersonal/verbal communication skills• Ability to work within tight timeframes and meet strict deadlines• Ability to work in a fast-paced environment with changing priorities• Ability to work as part of a team• Strong analysis and problem-solving skillsAssociate Information Assurance Advisor Required Education and Experience• H.S. Diploma is required.• Bachelor's Degree in Information Security, Information Assurance, or Technology is preferred.• 1+ years Experience in information technologies, such as server or endpoint administration, first or second level support, network support or engineering, or application administration is preferred.• 0-1 years Information security-related certifications such as CISSP, HCISPP, CISM, CISA, etc. is preferred.• 0-1 years Familiarity with information security regulations and frameworks such as: HIPAA, PCI-DSS, HITRUST, NIST, ISO, etc. is preferred.• 0-1 years Experience in healthcare or academia is preferred.Required Skills and Abilities• Excellent problem analysis skills and articulate communicator of complex technical and business topics.• Demonstrated interpersonal/verbal communication skills• Demonstrated written communication skills• Ability to manage concurrent projects while meeting project deadlines• Ability to work in a fast paced environment with changing priorities• Ability to work as part of a team Additional Information: As part of our COVID-19 response, this position may currently be offering partial or full remote work. However, in the near future this position will require full or partial on-site work.Be a part of the exciting and ground-breaking upcoming years for the Penn Medicine Information Services department!Because growth is essential to continuing to meet the current and future needs of patients, Penn Medicine continues to expand its capabilities. Penn Medicine's Information Services (IS) Department focuses its efforts on the clinical and financial systems that support the day-to-day operations of six (6) hospitals, several satellite practices, and more than 8,923 physicians. Learn more about Information Services We believe that the best care for our patients starts with the best care for our employees. Our employee benefits programs help our employees get healthy and stay healthy. We offer a comprehensive compensation and benefits program that includes one of the finest prepaid tuition assistance programs in the region. Penn Medicine employees are actively engaged and committed to our mission. Together we will continue to make medical advances that help people live longer, healthier lives.Penn Medicine http://www.pennmedicine.org/careers/ Live Your Life's Work#LI-CE1 We are an Equal Opportunity and Affirmative Action employer. Candidates are considered for employment without regard to race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, familial status, genetic information, domestic or sexual violence victim status, citizenship status, military status, status as a protected veteran or any other status protected by applicable law.Vacancy expired!