The Enterprise Information Services (EIS) team at Cedars-Sinai understands that true clinical transformation and the optimization of a clinical information systems implementation are fueled through the alignment of the right people, processes, and technologies.
Why work here?
Beyond an outstanding benefit package and competitive salaries, we take pride in hiring the best, most committed employees. Our staff reflects the culturally and ethnically diverse community we serve. They are proof of our dedication to creating a multifaceted, inclusive environment that fuels innovation and the gold standard of patient care we strive for.
What will you be doing:
The Manager, Information Security is responsible for establishing the information security architecture according to standard methodologies to safeguard confidential patient, employee, provider, and corporate information in electronic form. Leads the development and implementation of information security policies and procedures, and monitors compliance with them.
The position will be responsible for:
Cybersecurity policies and procedures, making sure that they align with Cedars-Sinai Privacy and Compliance policies.
Run and conduct 3rd party vendor risk assessments.
Coordinate external reviews/assessments from regulators and audit firms, and stakeholders' due diligence requests.
Maintaining the security risk register and the ongoing management of inherent and residual risks. Prepare heat maps and analytics of known risks.
Lead all aspects of HIPAA compliance assessment, evidence collection, and reporting.
Run and maintain compliance data in GRC tools.
Evaluate and process exceptions to information security policies and standards.
Monitor compliance with the organization's information security policies and procedures among employees, contractors, and other 3rd parties, referring problems to the appropriate department managers and/or administrators.
5+ years of GRC (governance, risk and compliance) and security audit and/or assessment experience in the Healthcare field.
2+ years of growing leadership/management responsibilities.
Experience performing information security audits or risk assessments.
Knowledge of automated GRC platforms such as ServiceNow. Solid understanding of security risk management frameworks including related regulatory compliance requirements.
Solid understanding of regulatory compliance requirements (NIST CSF & 800-53, ISO27001, HITRUST, HIPAA). Experience/skills in detailing risk and compliance activities.
Bachelor's Degree in Information Technology or related field. (preferred)
CISSP, CISM, CISA, CIPP, or related. (preferred)
Working Title: Manager, Info Sec Risk and Compliance
Providing healthcare for more than 100 years, Cedars-Sinai has evolved into one of the most dynamic and highly renowned medical centers in the world. Along with caring for patients, Cedars-Sinai is a hub for biomedical research and a training center for future physicians and other healthcare professionals. This attracts exceptional talent to Cedars-Sinai, including world-renowned physician-scientists who seek a place where they can both conduct research and see patients--the ideal formula for discovery and its translation into cures. Our patients benefit from access to doctors at the top of their fields, and our researchers have an ideal community in which to study the impact of healthcare challenges, and reflect that knowledge in their research. The greater Los Angeles area in which Cedars-Sinai resides possesses unparalleled cultural and ethnic diversity which offers outstanding opportunities for translational and clinical research and a dynamic environment for medical education.
Although community based, Cedars-Sinai is a major teaching hospital affiliated with the David Geffen School of Medicine at the University of California, Los Angeles (UCLA). Cedars-Sinai has highly competitive graduate medical education programs in more than 50 specialty and subspecialty areas, a graduate program in biomedical sciences and translational medicine, a clinical scholars program directed towards junior physicians with aspirations to become clinical scientists, and post graduate training opportunities.
There are more than 250 full-time faculty members at Cedars-Sinai. The voluntary medical staff, comprised of more than 2,200 specialty board-certified or board-qualified physicians, represent all of the specialties and subspecialties and collaborate with full-time medical staff in the teaching responsibilities of the graduate medical education programs.