Information Security Director

Hennepin County Medical Center Minneapolis , MN 55415

Posted 2 months ago


We are currently seeking an Information Security Director to join our IT Administration team.

Provides leadership and oversight for meeting and maintaining security standards and functions as the HIPAA Security Official. Responsible for establishing and maintaining the vision, strategy, architecture, and operations that ensures the protection of Hennepin Healthcare's information assets. S/he will be an important member CIO's leadership team, a critical operational partner and plays a key role in communicating and promoting security across the business to drive adoption of security best practices.


  • A key member of the CIO's leadership team that is responsible for delivering information services exceptionally well, delivering on business value by improving patient outcomes, patient experiences and care team efficiencies in a transparent and cost efficient way, while creating a positive and engaging work environment

  • Responsible for the development and implementation of a strategic, long-term information security and risk strategy and roadmap to ensure Hennepin Healthcare's information assets are adequately protected and compliant with regulatory expectations

  • Develop, mentor and manage a high performing staff of information security professionals

  • Responsible for the Information Security Program including;

  • Lead the development of up-to-date information security policies procedures, standards and guidelines, and oversee their approval, dissemination and maintenance

  • Ensure appropriate governance of the information security program

  • Implement best practices, regulatory, and compliance requirements that affect security for the enterprise. This includes, but is not limited to HIPAA, HITECH, PCI, CIS (Center for Internet Security) Framework

  • Conduct regular information security risk assessments, regular intrusion detection and vulnerability reporting. Develop work plans to address identified risks

  • Oversee incident response planning and the investigation of security breaches, and assist with any associated disciplinary, public relations and legal matters

  • Develop and report business-relevant metrics to measure the efficiency and effectiveness of the Information Security Program, facilitate appropriate resource allocation and increase the maturity of the security program

  • Provide ongoing guidance on solutions to achieve and maintain security compliance, to mitigate information security risks and to correct compliance exposures and gap that are effective, cost-effective and minimally disruptive

  • Oversee identity and access management process and policies

  • Collaborate with the architects, infrastructure, and application teams to ensure that technologies are developed and maintained according to security policies and guidelines

  • Collaborate with the Chief Compliance Officer and Information Privacy Officer as needed to identify and mitigate risks associated with workforce training, information management, data sharing, and breach analysis/response

  • Function as the enterprise information security subject matter expert, consulting with technology and business leaders on all information security related issues and concerns

  • Lead activities relating to contingency planning, business continuity management and IT disaster recovery in conjunction with relevant functions and third parties


Minimum Qualifications:

  • Bachelor's degree in computer science, management information systems (MIS) or an approved field of study, highly preferred

  • Eight years of IT and/or business leadership experience, and 5 years of information security /cyber security experience

Preferred Qualifications:

  • Master's degree

  • Previous health care provider experience

  • Certified Information Systems Security Professional (CISSP) and/or HCISPP, CISM, CRISC

  • Lean/Kaizen Experience

  • Infrastructure Leadership Experience

Knowledge/ Skills/ Abilities:

  • Strong teamwork skills, including the ability to establish and sustain successful working relationships with all levels of the organization

  • Must be approachable and a good listener and teacher being able to communicate security and risk-related concepts at a level of understanding of the audience, including both technical and non-technical individuals

  • Passionate about building high performing teams

  • Knowledge of security, risk and control frameworks and standards

  • Extensive knowledge or business risk, risk assessment and risk-based decision-making

  • A proven record of accomplishment in developing information security policies and procedures and successful executing

  • Security technology acumen and experience including but not limited to: firewall, intrusion detection, cyber-attack tools and defenses, encryption, certificate authority, web filtering, anti-malware, anti-phishing, identify and access management, multi-factor authentication

  • Proven ability to be the champion and voice of the IT security program

Leadership Knowledge/ Skills/ Abilities:

  • Strong analytical, problem solving and interpersonal skills

  • Ability to communication effectively with board and senior level positions

  • Ability to work in a fast-paced environment

  • Demonstrable track record of successfully supporting a 24x7 operation

  • Ability to multi-task and support multiple projects while updating management and customers

  • Willingness and desire to learn

  • Excellent written and verbal communication skills

  • Demonstrable track record of success in a similar role

  • Skilled in overseeing the efforts of high-level department individuals

  • Superb ability to motivate employees and inspire positive change within department

  • Skilled in managerial duties (i.e. hiring, firing, performance appraisals, pay reviews)

  • Capable of supporting the work of the department

  • High standard of ethics, discipline, and professionalism

  • Skilled in fostering a positive workplace culture and building inclusive workplace teams

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Database Analyst 5 / Production Support Information Security

Wells Fargo

Posted 2 days ago

VIEW JOBS 1/22/2020 12:00:00 AM 2020-04-21T00:00 Job Description Important Note: During the application process, ensure your contact information (email and phone number) is up to date and upload your current resume when submitting your application for consideration. To participate in some selection activities you will need to respond to an invitation. The invitation can be sent by both email and text message. In order to receive text message invitations, your profile must include a mobile phone number designated as "Personal Cell" or "Cellular" in the contact information of your application. At Wells Fargo, we want to satisfy our customers' financial needs and help them succeed financially. We're looking for talented people who will put our customers at the center of everything we do. Join our diverse and inclusive team where you'll feel valued and inspired to contribute your unique skills and experience. Help us build a better Wells Fargo. It all begins with outstanding talent. It all begins with you. Wells Fargo Technology sets IT strategy; enhances the design, development, and operations of our systems; optimizes the Wells Fargo infrastructure footprint; provides information security; and enables continuous banking access through in-store, online, ATM, and other channels to Wells Fargo's more than 70 million global customers. The candidate selected for this position will be an experienced and well-rounded database administrator and developer and be comfortable processing and analyzing large data sets. The position will be working as a member of the EIS Continuous Monitoring Compliance Analysis and Reporting team which provides analysis and reporting functions across six of the NIST-defined Continuous Monitoring capabilities – Configuration, Event, Information, Malware, Patch and Vulnerability Management. Specifically, the positon will perform three primary functions: 1) design, configuration, tuning and maintenance for a set of SQL databases; 2) perform ETL of data from various Enterprise Information Security tools; 3) develop SSIS packages, scripts and other automation of data processing. The position will work with other team members to help to identify and define key metrics from the data, develop reporting based on the tools data for various levels of users from systems engineers to senior leaders. Participates in calls to explain and support the data processing and metrics presented; and other duties required to support the reporting of Enterprise Information Security metrics. The candidate selected must be comfortable working on multiple dynamic projects simultaneously. The position will be responsible for helping to design and build multiple databases in support of the team objectives and requirements. Required Qualifications * 7+ years of database design and administration experience * 7+ years of SQL experience * 7+ years of SQL Server Integration Services (SSIS) experience * 7 + years of experience writing relational database queries for stored procedures, query optimization and performance tuning * 7+ years of experience in database design and administration Desired Qualifications * Strong analytical skills with high attention to detail and accuracy * Excellent verbal, written, and interpersonal communication skills * Python experience * Hadoop experience * Splunk experience Other Desired Qualifications * 2+ years experience in sourcing and integrating data from various data stores, such as SQL Server, Splunk, Hadoop, SharePoint * Experience with Tableau Reports * Maintain referential, domain and column integrity * Thorough Understanding of Database backup and Restore procedures * Experience writing User defined functions * Experience in Performance Improvement * Creating Constraints * Willingness to learn and improve skills * Knowledge and understanding of Tableau * ETL (Extract, Transform, Load) Programming experience * Knowledge and understanding of relational database designing schema, stored procedures, and views for performance with large data sets * Experience designing and optimizing complex SQL queries involving table joins and correlated sub-queries on large scale data tables * Knowledge and understanding of SQL Server Reporting Services (SSRS) * Knowledge and understanding of database querying and creating ad hoc reporting results using TSQL or similar querying methods * Strong research and documentation skills * Ability to work effectively, as well as independently, in a team environment * Ability to work in a fast paced deadline driven environment * Ability to take an active role in the education, mentoring and training of less experienced team members * Information Security reporting and analysis experience * Ability to lead projects/initiatives with high risk and complexity * Knowledge and understanding of banking or financial services industry * Experience working in a large enterprise environment * Strong analytical skills with high attention to detail and accuracy * Ability to organize and manage multiple priorities * Ability to think creatively to find innovative solutions to complex analytical questions * Hadoop development experience (Hive, NiFi, HDFS, Spark) on a major distribution such as Hortonworks or Cloudera or MapR Job Expectations * Ability to travel up to 10% of the time Salary Information The salary range displayed below is based on a Full-time 40 hour a week schedule. IA-West Des Moines: Min: $87,500 Mid: $125,000 MN-Shoreview: Min: $87,500 Mid: $125,000 AZ-PHX-Northwest Phoenix: Min: $87,500 Mid: $125,000 CA-SF-Financial District: Min: $105,000 Mid: $150,000 IA-West Des Moines: Min: $87,500 Mid: $125,000 NY-New York: Min: $105,000 Mid: $150,000 MN-Minneapolis: Min: $87,500 Mid: $125,000 MA-Boston: Min: $105,000 Mid: $150,000 NC-Charlotte: Min: $87,500 Mid: $125,000 NC-Charlotte: Min: $87,500 Mid: $125,000 NC-Raleigh: Min: $87,500 Mid: $125,000 MO-Saint Louis: Min: $87,500 Mid: $125,000 PA-Philadelphia: Min: $96,300 Mid: $137,500 Street Address IA-West Des Moines: 7001 Westown Pkwy - West Des Moines, IA MN-Shoreview: 1801 Parkview Dr - Shoreview, MN AZ-PHX-Northwest Phoenix: 2222 W Rose Garden Ln - Phoenix, AZ CA-SF-Financial District: 333 Market St - San Francisco, CA IA-West Des Moines: 800 S Jordan Creek Pkwy - West Des Moines, IA NY-New York: 150 E 42nd St - New York, NY MN-Minneapolis: 600 S 4th St - Minneapolis, MN MA-Boston: 125 High Street - Boston, MA NC-Charlotte: 1525 W Wt Harris Blvd - Charlotte, NC NC-Charlotte: 401 S Tryon St - Charlotte, NC NC-Raleigh: 1100 Corporate Center Dr - Raleigh, NC MO-Saint Louis: 1 N Jefferson Ave - Saint Louis, MO PA-Philadelphia: 101 N Independence Mall E - Philadelphia, PA Disclaimer All offers for employment with Wells Fargo are contingent upon the candidate having successfully completed a criminal background check. Wells Fargo will consider qualified candidates with criminal histories in a manner consistent with the requirements of applicable local, state and Federal law, including Section 19 of the Federal Deposit Insurance Act. Relevant military experience is considered for veterans and transitioning service men and women. Wells Fargo is an Affirmative Action and Equal Opportunity Employer, Minority/Female/Disabled/Veteran/Gender Identity/Sexual Orientation. Wells Fargo Minneapolis MN

Information Security Director

Hennepin County Medical Center