Information Security & Assurance Manager
San Antonio, TX, United States
Job Description
Job Summary:
This position will serve as a subject matter expert in the area of cybersecurity and work on a regular basis with a cross-functional team comprised of emergency management and technical stakeholders to achieve the goals of a federal research contract.
This role requires a technical leader with a high degree of knowledge in the overall field and recognized expertise in specific areas; problem-solving frequently requires analysis of unique issues/problems without precedent and/or structure. May manage programs that include formulating strategies and administering policies, processes, and resources; functions with a high degree of autonomy. Seeking candidates with experience defining the security requirements for safeguarding Healthcare systems and supporting Clinical units with technical and administrative readiness who are also open to cross training with emergency management or business continuity professionals to develop a foundational understanding of emergency management, disaster preparedness, and business continuity principles and practice in order to better protect health care systems against a variety of emergencies arising from hostile cyber threats.
Job Duties:
Directs and constructs security operations, develops goals and objectives, and administers policies, procedures and processes as needed.
Develops appropriate metrics to track the security posture of UT Health San Antonio's IT environment.
Ensures prevention and detection mechanisms and practices remain current with cyber threats. Validates IT infrastructure and other reference architectures for security best practices and recommends changes to enhance security and reduce risks, where applicable.
Conducts or facilitates threat modeling of services and applications that ties to the risk and data associated with the service or application.
Ensures a complete, accurate and valid inventory of all systems, infrastructure, and applications. Oversees the identification of vulnerabilities in the university's IT environment and communicates and monitors mitigation priorities with system owners and administrators.
Coordinates with Compliance and privacy officer to document data flows of sensitive information in the organization (e.g., PII or ePHI) and recommends controls to ensure that this data is adequately secured.
Oversees information security awareness programs for all approved systems users and contractors/third parties.
Establishes, manages, and coordinates implementation of a security training and awareness program, including facilitation of security advocacy events.
Conducts cyber security and IT risk management research and provides updates on industry trends, standards, and practices.
Manages security incident containment, investigation, communication, and reporting activities.
Collaborates with appropriate IT and university leadership on IT system resiliency controls, disaster recovery and business continuity programs, processes, and technology.
May lead staff members by providing direction and guidance of day-to-day workflow.
Ensures compliance of the Information Security Program with applicable laws and regulations.
Develops, reviews, and facilitates approval of information security policies and standards that align to state laws and federal regulatory rules, university and UT System policies.
Manages an information risk management program with appropriate risk assessment processes, documenting IT controls, and identifying threats and impact of risk.
Assesses data security risks as they relate to projects and technology use and develops tools and interventions to mitigate risk.
Coordinates a risk-based process for managing vendor/third-party risk and business associate oversight. Ensures adherence to policies and procedures related to IT security/privacy and systems resiliency for all third-party access and engagements.
Partners closely with UT Health San Antonio IT, Purchasing, Legal, Compliance, Audit, Research and Academic leadership to ensure close alignment and support for any technical, security, or privacy aspects of contracts, systems, and related information security needs.
Education:
Bachelor's degree in computer science, information systems, cybersecurity or a related field required.
Master's degree is preferred.
Experience:
Seven (7) years of general IT experience and four (4) years of IT security-related experience required.
Preferred:
Expertise with HIPAA and other healthcare data protection and security requirements as defined by HHS.
Experience assessing compliance and cyber risk for a clinical medical system.
Licenses and Certifications:
CISSP - Certified Information Systems Security Professional required.
About Us
Benefits Overview
UT Health San Antonio offers an excellent benefits package for its employees. Employees who work at least 20 hours a week, with an appointment of at least 4.5 months, are eligible for benefits.
Medical - UT SELECT Medical insurance is offered free for employees and administered by Blue Cross and Blue Shield of Texas. Family members can be added to the plan through payroll deduction. Employees and their dependents can also receive discounted copays and coinsurance when using UT Health Physicians, a network of 800 premier physicians including more than 100 specialists.
Dental - Three dental insurance plan options are available for employees and their families through Delta Dental Insurance Company, two PPOs and one dental HMO plan. Both PPO plans allow employees to choose any licensed dentist.
Vision - Fully insured Vision Care benefits are offered by Superior Vision Services. Two vision plan options offer either standard or enhanced vision benefits.
Life - Employees receive $40,000 of group term life insurance and $40,000 of basic accidental death and dismemberment insurance for free, with options to purchase additional employee and dependent coverage for both at group rates.
Retirement - Employees are eligible for either the Teacher Retirement System (TRS) or the Optional Retirement Plan (ORP). TRS is a defined benefit retirement plan in which UT Health matches employee contributions. ORP is for eligible faculty staff employees. Voluntary retirement programs are also available to invest before- or after-tax dollars with the choice of five quality retirement plan providers.
Time Off - A generous leave program offers multiple paid leave options:
Front-loaded Paid Time Off: 128 to 208 hours (16 to 26 days) of Paid Time Off based on years of service, given at the start of each fiscal year. PTO may be prorated in year one based on date of hire.
Extended Illness Bank: 8 hours (1 day) accrued per month which can be used for illness or injury after one day of Paid Time Off is taken.
Paid Family Leave: Up to 240 hours (6 weeks) to care for a spouse, child, or parent after 6 months of consecutive employment.
Holidays: 12 set paid holidays each year plus three floating holidays, which can be used anytime during the fiscal year.
FSAs - Employees can enroll in flexible spending accounts (FSAs) to set aside money from earnings before taxes for qualifying dependent day care expenses or out-of-pocket health care expenses.
Discounts - Employees enjoy a range of discounts on services, tickets, and gym membership.
EEO Statement
UT Health San Antonio is an equal employment opportunity and affirmative action employer. It is our policy to promote and ensure equal employment opportunity for all individuals without regard to race, color, religion, sex, gender identity, national origin, age, sexual orientation, disability, or veteran status.