Welcome to Clearway Health - a recognized Great Place To Work® and destination organization! We are an award-winning culture where talented people are respected, informed, engaged, empowered, developed - and where they want to grow and make a difference. At Clearway Health, diversity, equity, inclusion and belonging is an essential part of our business and workplace culture. We offer a wide range of benefits, perks, and wellness programs in addition to continuous learning opportunities to help you grow. Clearway Health emerged as a solution from Boston Medical Center to improve access to care, provide personal support, and manage the complex specialty medication needs of vulnerable patients and their families. We partner with hospitals, health systems, and the communities they care for to accelerate their specialty pharmacy programs.

POSITION SUMMARY:

The Information Security Officer (ISO) will collaborate with Boston Medical Center Health System's (BMCHS) various internal and external business units to build relationships and foster a culture that considers information security. The ISO directs, coordinates, plans, and organizes information security activities throughout the hospital or health plan, while acting as the focal point for all information security communications. The ISO is responsible for implementing the controls needed to protect both BMCHS information and information entrusted to Clearway Health by third parties.

The ISO is responsible for planning, coordinating and implementing Clearway Health information security program. The ISO will lead or participate in the development, enforcement, and maintenance of policies, procedures, measures, and mechanisms to protect the confidentiality, integrity and availability of information and to prevent, detect, contain, and correct information security breaches by aligning information security standards and compliance with statutory and regulatory requirements.

The ISO also monitors security and privacy trends and coordinates with Boston Medical Center (hospital or health plan) risk management, legal, human resources, Health Information Management, and compliance departments to keep abreast of relevant laws and legislation (locally and nationally) to ensure that the security and privacy programs are updated when appropriate to maintain ongoing compliance.

Position: Information Security Officer

Department: Clearway Health

Schedule: Full Time

ESSENTIAL RESPONSIBILITIES / DUTIES:

• Responsible for Information Security Program (ISP) development and implementation
  
  • Identify protection goals, objectives and metrics consistent with organizations strategic plan
  • Incident response program development
  • Security awareness program development
  • Business continuity and disaster recovery program development
• Determine the acceptable level of information security risk in conjunction with senior management. Advise management on information security risks and appropriate course of action.
• Conducts threats and vulnerability assessments to properly analyze the risks to information security and determines appropriate measures to effectively manage those risks
• Work with management to prioritize security initiatives and spending based on appropriate risk management methodology
• Manage the investigation of security breaches or potential breaches and assist with disciplinary and legal matters associated with such breaches
• Work with outside consultants as appropriate for independent security audits
• Participate in the evaluation, selection and implementation of security products and technologies
• Develop enterprise education and communication plans.
• Maintain deep knowledge of legal requirements and market standards of information security.

(The above statements in this job description are intended to depict the general nature and level of work assigned to the employee(s) in this job. The above is not intended to represent an exhaustive list of accountable duties and responsibilities required).

JOB REQUIREMENTS

EDUCATION:

• Master's degree in a related field or the professional certifications Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Auditor (CISA) is highly desirable.

CERTIFICATES, LICENSES, REGISTRATIONS REQUIRED:

• Professional certifications of Certified Information Systems Security Professional (CISSP) and/or Certified Information Security Manager (CISM) is highly desirable.

EXPERIENCE:

• 7+ years of experience in a large (over 2,000 users) Information Technologies department. Large Healthcare IT Enterprise experience is preferred.

KNOWLEDGE AND SKILLS:

• Should have experience with business continuity planning, auditing, and risk management, as well as contract and vendor negotiation.
• Must have a solid understanding of information technology and information security.
• Strong verbal and written communication skills.
• Ability to articulate highly technical information into real world business impact at a senior management level and, conversely, ability to translate senior management business initiatives into actionable technical designs.
• Must understand the unique requirements of security in a healthcare setting.

Clearway Health is a fast growing, health system based service provider. We help other health systems build, develop, and operate their own specialty pharmacy program aimed at providing exceptional patient care and outcomes while delivering significant financial results. Our partnership model assists with all aspects of specialty pharmacy program development (including embedding pharmacy resources directly within your clinics), leveraging our deep expertise acquired from directly operating within an academic health system and health plan.
Req id: 29624