Job Details

Company: Highmark Health

Job Description:

JOB SUMMARY

This position offers a dynamic role in Information Security and Risk Management, essential for the protection of our organization. Collaborating with colleagues in security, HM Health Solutions customers, and application teams, you will ensure we meet current and future security needs. You will lead a team of Information Security professionals, making key decisions on hiring, promotions, and terminations. You are responsible for talent development, resource management, work planning, and performance management. This role includes oversight of security technologies for networks, systems, and data while maintaining budgetary goals.

As a key contributor to the Information Security and Risk Management (ISRM) strategic planning process, you will partner with Directors to craft and execute actionable departmental strategic plans aligned with corporate objectives. You will engage in coordination, implementation, problem-solving, communication, and training regarding new technologies and processes. Additionally, you will develop and deliver Information Security awareness and training programs to the organization.

ESSENTIAL RESPONSIBILITIES

• Manage personnel matters, including hiring and termination decisions, coaching, performance management, and promoting productivity.
• Plan, organize, and oversee daily department operations; develop and implement necessary policies and programs, possibly with budgetary authority.
• Oversee project management aspects to ensure continuous process improvement: negotiate and liaise with leadership and staff to develop security solutions; adhere to internal standards and ensure compliance to approved methodologies; coordinate resources, timelines, contingency plans, and risk management.
• Provide departmental leadership: advocate for organizational change and encourage relationship-building activities; drive security innovations and reinforce security training protocols.
• Ensure compliance with Corporate and Information Security policies, standards, and procedures.
• Communicate effectively across all organization levels: facilitate meetings, prepare and deliver presentations; represent HM Health Solutions externally; produce divisional procedures, reports, and correspondence, enhancing awareness of security threats and metrics, funding, budgets, and resources.
• Perform other duties as assigned or requested.

EDUCATION

Required

• Bachelor's Degree in Information Security, Information Systems, Information Assurance, Computer Science, or a related field

Substitutions

• 6 years of relevant experience can substitute for a Bachelor's Degree

Preferred

• Master's Degree in Computer Science, Information Security, or a related field

EXPERIENCE

Required

• 7 - 10 years in Information Security and/or Information Risk Management and/or Information Technology
• 7 - 10 years of experience in communicating and presenting Information Security and Risk Management concepts to diverse audiences
• 1 - 3 years in a leadership mentoring role
• 1 - 3 years of experience in Staff Management
• 1 - 3 years in developing and executing strategic plans to meet business objectives

Preferred

• 10 - 15 years in Information Security and/or Information Risk Management and/or Information Technology
• Experience managing an information security function using HITRUST CSF or the NIST 800-83 cyber security framework
• Experience in SSAE 16 or SOC 2 Security Trust Principle audits
• Proven experience in budgeting and meeting financial objectives
• Active participation/leadership in security industry organizations (HITRUST, ISACA, InfraGard, ISC2, ISSA, etc.)

LICENSES AND CERTIFICATIONS

Required

• None

Preferred

• Certified Information Systems Security Professional (CISSP) OR
• Certified Information Security Manager (CISM) OR
• Certified in Risk and Information Systems Controls (CRISC) OR
• Information Technology Infrastructure Library (ITIL)

SKILLS

• Knowledge of regulatory frameworks such as HIPAA, PCI DSS, and FIPS-140
• Strong interpersonal and teamwork abilities
• Experience leading process improvement initiatives
• Capable of motivating high-performance, multidisciplinary teams
• Proven competency in project execution
• Strong relationship management skills

Languages (Other than English)

None

Travel Requirement

0% - 25%

PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS

Position Type

Office-Based

Teaches/Trains others regularly: Frequently

Travels regularly from the office to various work sites or from site-to-site: Occasionally

Physical Work Site Required: Yes

Lifting: up to 10 pounds: Does Not Apply

Lifting: 10 to 25 pounds: Does Not Apply

Lifting: 25 to 50 pounds: Does Not Apply

Disclaimer: This job description provides a general overview of the essential duties and responsibilities associated with this role. It may not cover all aspects of the job and may be subject to change.

Compliance Requirement: This job aligns with ethical and legal standards set forth in the company's code of conduct and policies.

Employees may access confidential customer information that must be protected, and they must comply with HIPAA guidelines and the company's privacy policies.

Compliance with the company's Code of Business Conduct is mandatory for all employees.

Pay Range Minimum:

$108,000.00

Pay Range Maximum:

$201,800.00

Base pay is determined by various factors, including qualifications, experience, and contributions.

Highmark Health and its affiliates are committed to equal opportunity, prohibiting discrimination against veterans, individuals with disabilities, and based on protected classifications under applicable laws.

We strive to make this site accessible to all users. For accessibility inquiries or assistance with the application process, please reach out via email.

Req ID: J269262