Manager Information Security Risk Management
Harris Health
Job Description
This range is provided by Harris Health. Your actual pay will be based on your skills and experience — talk with your recruiter to learn more.
Base pay range
$129,292.00/yr - $171,329.00/yr
Harris Health System is the public healthcare safety-net provider established in 1966 to serve the residents of Harris County, Texas. As an essential healthcare system, Harris Health champions better health for the entire community, with a focus on low-income uninsured and underinsured patients, through acute and primary care, wellness, disease management and population health services. Ben Taub Hospital (Level 1 Trauma Center) and Lyndon B. Johnson Hospital (Level 3 Trauma Center) anchor Harris Health’s robust network of 39 clinics, health centers, specialty locations and virtual (telemedicine) technology. Harris Health is among an elite list of health systems in the U.S. achieving Magnet nursing excellence designation for its hospitals, the prestigious National Committee for Quality Assurance designation for its patient-centered clinics and health centers and its strong partnership with nationally recognized physician faculty, residents and researchers from Baylor College of Medicine; McGovern Medical School at The University of Texas Health Science Center at Houston (UTHealth); The University of Texas MD Anderson Cancer Center; and the Tilman J. Fertitta Family College of Medicine at the University of Houston.
JOB SUMMARY:
The Manager Information Security Risk Management reports to the Vice President and Chief Information Security Officer (CISO) and develops, maintains and executes a continuous, flexible information security risk management program that aligns with Harris Health's overall strategic business and IT goals, and addresses the higher-risk areas and concerns of Executive Management. Works alongside the Harris County attorney team and the Harris Health corporate compliance department to review third-party contracts and ensure compliance with standards and regulations regarding information access, security, and privacy. Leads all phases of internal and third-party risk assessments as well as planned IT audits and reviews.
Coordinates internal and third-party security audits, to include HIPAA audits, PCI DSS audits, Service Organization Controls (SOC) audits, ISO audits, SSAE 16 / ISAE 3402 audits, customer audits, and other compliance/regulatory audits. Assists VP/CISO with decisions regarding risk and audit planning, testing plans and methodologies for risk and audit projects. Assists VP/CISO in determining reportable observations, findings and recommendations to relay to Executive Management and Board of Trustees.
Develops and publishes cyber-related risk and audit reports and reviews. Drafts and updates various departmental and organization-wide information security policies.
MINIMUM QUALIFICATIONS:
Education/Specialized training/Licensure:
- CISSP required.
- CRISC, CISA, HCISPP, CIPP, GSNA, or CCSP (preferred); must have obtained one (1) additional certification within six (6) months of accepting position.
CISSP (required); Must have obtained one (1) additional certification within six (6) months of accepting position.
WORK EXPERIENCE:
6 years' work experience. Extensive knowledge of HIPAA Security Rule, HITECH, Payment Card Industry (PCI), NIST Cybersecurity Framework. In addition, understanding of NIST SP 800-53r4, COBIT, and ITIL frameworks preferred. RSAM or other GRC tools experience preferred. Previous IT audit and risk management experience, or equivalent combination of education and experience.
MANAGEMENT EXPERIENCE:
Three (3) years of experience in Cyber Security or related field.
SPECIAL REQUIREMENTS:
Communication Skills:
Exceptional Verbal (Public Speaking
Other Skills:
Analytical, Statistical
Seniority level
Not Applicable
Employment type
Full-time
Job function
Information Technology
Industries
Hospitals and Health Care
Inferred from the description for this job
Medical insurance
Vision insurance
401(k)
Disability insurance