Sr. Information, Security & Privacy Manager

Position Description

Harris County Public Health has earned the 2023 Best Place for Working Parents Business Designation.

About Harris County Public Health:

Harris County Public Health (HCPH) includes a network of more than 700 public health professionals working together to improve health outcomes for the third most populous county in the United States. HCPH provides a multitude of services such as medical and dental services, community programming, and health education for the approximately 2.3 million people in unincorporated Harris County. Through its core values of innovation, engagement, and health equity, HCPH strives to bring meaningful solutions to public health issues while keeping Harris County healthy and vibrant.

Position Overview:

Under the supervision of the Associate Director of the Office of Operation and Technology Services (OTS), within the Harris County Public Health (HCPH), the Information Security and Privacy Manager (ISPM) will be responsible for overseeing a comprehensive information security and privacy program, while ensuring that information assets are protected against unauthorized access, disclosure, modification, destruction, or interference, and that these assets are used and handled in compliance with privacy laws and regulations. ISPM is also responsible for developing, collecting and monitoring security Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs).

This is a critical role for managing the risks related to information security, privacy, and data protection at the Harris County Public Health.

Duties & Responsibilities:

• Develop, implement, and monitor a strategic, comprehensive enterprise information security and privacy program.

• Establish, manage, and operate a PHS information security risk management program.

• Ensure the organization's policies and procedures comply with regulatory and ethical standards regarding privacy and information security.

• Conduct risk assessments and audits to ensure information security and privacy standards and mitigate potential risks.

• Collaborate with other County departments to address privacy and security concerns and ensure alignment across the department.

• Provide guidance and counsel to the HCPH team regarding information security and privacy matters, including grant applications and external audits

• In collaboration with HCPH HR department, identify agency wide or program specific required trainings on information security and privacy

• Primary representative in county CIRT team to respond to and manage security incidents and privacy breaches, including investigation, reporting, and remediation.

• Other duties as assigned.

Harris County is an Equal Opportunity Employer

https://hrrm.harriscountytx.gov/Pages/EqualEmploymentOpportunityPlan.aspx

If you need special services or accommodations, please call (713) 274-5445 or email ADACoordinator@bmd.hctx.net.

This position is subject to a criminal history check. Only relevant convictions will be considered and, even when considered, may not automatically disqualify the candidate.

Requirements

Education:

• Bachelor's degree in computer science, information systems, information security, or a related field.

Experience:

• At least four (4) years in Information Technology management and data governance.

• At least two (2) years of experience in state and federal information security laws, including but not limited to HIPAA, NIST, PCI and all other applicable regulations.

Knowledge, Skills & Abilities:

• Strong understanding of privacy laws and regulations such as HIPAA, PHI, PII, and cybersecurity frameworks like NIST, HITECH and HITRUST.

• Excellent communication skills, both written and verbal, with the ability to communicate security and privacy-related concepts to a broad range of technical and non-technical staff.

• Ability to complete privacy and security documents and forms.

Core Competencies

• Ability to obtain and filter information, identify, and address key issues relevant to the achievement of strategic organizational goals

• Exceptional project management skills to manage a variety of projects simultaneously

• Positively influence all levels within the organization to drive change and enable effective coordination

• Ability to create strong, positive working relationships

• Previous experience building and managing high performance teams

• High-level of flexibility in fast-paced environments

• Must be a Systems-level thinker

• Proactive, self-motivated, and mission-driven

• Progressive, intrapreneurial leadership style to enable systemic change

Leading Change

• Creates strategic change within and outside the organization to meet organizational goals

• Develops new insights into situations, encourages new ideas and innovations

• Takes a long-term view and builds a shared vision with others, acts as a catalyst for organizational change

• Deals effectively with pressure; remains optimistic and persistent even under adversity.

• Recovers quickly from setbacks

Leading People

• Fosters an inclusive workplace where equity, diversity, and individual differences are valued and leveraged to achieve the vision and mission

• Develops the ability of others to perform and contribute to the organization by providing ongoing feedback and providing opportunities to learn through formal and informal methods

• Fosters and inspires team commitment, spirit, pride, and trust. Facilitates cooperation and motivates team members to accomplish group goals.

• Holds self and others accountable for measurable high-quality, timely, and cost-effective results

• Anticipates and meets the needs of internal and external customers

• Makes well-informed, effective, and timely decisions

Building Coalitions

• Develops networks and builds alliances, collaborates across boundaries to build strategic relationships

• Identifies external and internal politics that impact the work of the organization

Interpersonal Abilities/Personal Characteristics

• Treats others with courtesy, sensitivity, and respect

• Behaves in an honest, fair, and ethical manner and models high standards

• Assesses and recognizes own strengths and weaknesses

Communication

• Communicates clearly, effectively, and persuasively both orally and in writing

• Writes in a clear, concise, organized, and convincing manner for the intended audience

Diversity, Equity, Inclusion

• Encourage a respectful and collaborative work environment that recognizes and celebrates diversity, equity, and inclusion

• Identify inequitable practices and policies and assist in implementing strategies to ensure equitable outcomes

• Demonstrate awareness and respect of cross-cultural differences and create inclusive programmatic solutions

• Practice cultural humility to build honest relationships with co-workers and the community that will ultimately enhance workplace culture and deliver better community health program

NOTE: Qualifying education, experience, knowledge, and skills must be documented on your job application. You may attach a resume to the application as supporting documentation but ONLY information stated on the application will be used for consideration. "See Resume" will not be accepted for qualifications.

Preferences

Licenses/Certifications:

• Professional certifications such as AHIMA, CIPP, CISSP, CISA, or similar.

General Information

Position Type, and Typical Hours of Work:

• This is a Grant-Funded | Full-Time position

• Typical schedule is Monday through Friday: 08:00 am to 05:00 pm

• May require periodic overnight travel and long hours/overtime during emergencies/disasters

• Hours may vary based on the business needs of the department or task requirements.

Work Environment:

• This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.

Physical Demands:

• This is a largely sedentary role; however, some duties would require the ability to lift up to 20 pounds and bending & standing for periods at a time.

Work Location:

• Harris County Public Health - Operations & Technology Services Division: 1111 Fannin St. Houston, Tx. 77002

Employment may be contingent on passing a drug screen and meeting other standards.

Due to a high volume of applications positions may close prior to the advertised closing date or at the discretion of the Hiring Department.

BENEFITS

Harris County offers a competitive benefits program, including comprehensive group health and related benefits plan as well as defined benefit retirement plan.

The following list of benefits is offered only to employees in regular (full-time) positions:

• Medical Coverage

• Dental Coverage

• Vision Coverage

• Wellness Plan

• Life Insurance

• Long-term disability

• Employee Assistance Program

• Ten (10) days of vacation each year for the first five (5) years of service

• Accrual rates increase based on years of service

• Eleven (11) County-observed holidays and one (1) floating holiday

• Professional development opportunities

• Dependent Care Reimbursement Plan

• Healthcare Reimbursement Account

• 457 Deferred Compensation Plan

The following benefits are also available to regular (full-time) employment and may be available to part-time employees:

• Retirement Pension (TCDRS)
• Flexible schedule (varies by department)
• Transportation Assistance (Metro RideSponsor Program)

In accordance with the Harris County Personnel Regulations, Group Health and related benefits are subject to amendment or discontinuance at any time. Commissioners Court reserves the right to make benefit modifications on the County's behalf as needed.

For plan details, visit the Harris County benefits website:

https://benefitsathctx.com/

01

Which of the following best describes your highest level of education completed as it relates to this position?

• High School or GED diploma

• Associate Degree

• Bachelor's Degree

• Master's Degree or higher

• None of the above

02

If you selected a college degree in response to the previous question, which of the following best describes your major?

• Computer science

• Information systems

• Information security

• Other Related Field

• Unrelated Field

• N/A; No Degree

03

Please describe your educational background including level of education completed, area of study and completed major and minor programs.

04

Which of the following best describes your verifiable Information Technology management and data governance experience? (To be considered, qualifying experience must be documented in your application's employment history)

• Less than four (4) years

• Four (4) years or more

• I do not have this experience

05

Please provide details about your verifiable Information Technology management and data governance experience. Do not use "Please see Resume" or "See Resume" (To be considered, qualifying experience must be documented in your application's employment history) Please include your (a) role(s), (b) types of organizations, (c) scope of duties and responsibilities If you do not have this experience, please type "None" in the space provided.]

06

Which of the following best describes your verifiable experience in state and federal information security laws, including but not limited to HIPAA, NIST, PCI and all other applicable regulations? (To be considered, qualifying experience must be documented in your application's employment history)]

• Less than two (2) years

• Two (2) years or more

• I do not have this experience

07

Please provide details about your verifiable experience in state and federal information security laws, including but not limited to HIPAA, NIST, PCI and all other applicable regulations. Do not use "Please see Resume" or "See Resume" (To be considered, qualifying experience must be documented in your application's employment history) Please include your (a) role(s), (b) types of organizations, (c) scope of duties and responsibilities If you do not have this experience, please type "None" in the space provided.

08

Which of the following privacy laws, regulations and cybersecurity frameworks are you proficient with from previous experience? Select all that apply:

• HIPAA
• PHI
• PII
• NIST
• HITECH
• HITRUST
• None of the Above

09

Which of the following Professional Licenses/Certifications do you currently have? Select all that apply:

• AHIMA
• CIPP
• CISSP
• CISA
• None of the Above

Required Question

Agency Harris County

Address 1111 Fannin St

Ste. 600

Houston, Texas, 77002

Phone 713-274-5445

Website https://www.governmentjobs.com/careers/harriscountytx