Information Security Officer (ISO)

at Gateway Foundation, Inc. in Chicago, Illinois, United States

Job Description

Post Date: Jul 30, 2024
Location: Chicago, IL, US, 60604
Position Type: Full Time
Requisition Number: 32271
Work Schedule: Monday - Friday

Are you looking to find personal and professional fulfillment, and align your career with your values?

At Gateway Foundation, our employees have an opportunity to make a difference every day by helping people with substance abuse issues gain control of their lives.

Gateway Foundation is a recognized non-profit leader in evidence-based treatment proven to get results. Our experts in Addiction Medicine, including highly educated clinical and medical professionals and expert psychiatrists and nurses, deliver care that never stops. Throughout Gateway's proud history of helping others, dedicated and professional employees have been vital to accomplishing our life-saving mission.

If you are a collaborative professional who shares our commitment to helping people with substance abuse and mental health issues turn their lives around - GATEWAY IS THE PLACE FOR YOU!

The Information Security Officer (ISO) is responsible for:
Development, implementation, and management of the organization's Information and Cyber Security program.
Develop and implement comprehensive information security policies, procedures, and guidelines to assure integrity and reliability of storage, processing and retrieval of data, information, and communications.
Ensure the protection of sensitive data, compliance with relevant regulations, and the overall security posture of the organization.
Conduct regular risk assessments and vulnerability analyses to identify potential threats and weaknesses.
Oversee the deployment, management, and maintenance of security solutions including Endpoint Detection and Response (EDR), Network Detection and Response (NDR), Email Security Systems, Data Loss Prevention (DLP), Vulnerability Management Systems, Security Information and Event Management (SIEM), and Single Sign-On/Multi-Factor Authentication (SSO/MFA).
Monitor security systems and respond to security incidents promptly.
Work closely with Legal, Compliance, Executive Teams, and the Business Divisions to safeguard our information systems and support our mission of providing exceptional care.
Lead investigations into security breaches and coordinate response activities.
Ensure compliance with industry regulations and standards such as HIPAA, HITECH, 42 CFR Part 2, HHS Essential/Enhanced Cybersecurity Goals, and other relevant frameworks.
Develop and conduct security awareness training for staff at all levels including phishing simulations.
Collaborate with IS and other departments to integrate security practices into daily operations.
Prepare and present regular reports on the state of the organization's security posture to executive leadership.
Stay current with emerging security threats, technologies, and industry trends.
Manage, mentor, and develop the Cybersecurity Engineer of this organization.
Develop budgets for information security functions and activities; secure approval of fiscal year budgets; monitor compliance with the budget.
Requirements:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field. A master's degree is preferred.
Minimum of 7 years of experience in Information Security, with at least 3 years of leadership or managerial experience.
Expert hands-on knowledge of EDR, NDR, Email Security Systems, DLP, Vulnerability Scanning Software, SIEM, and SSO/MFA.
Strong understanding of regulatory requirements and standards for healthcare information security, privacy, and business continuity including HIPAA, HITECH, 42 CFR Part 2, and HHS Essential/Enhanced Cybersecurity Goals.
Relevant certifications such as CISSP, CISM, CISA, CRISC, or equivalent.
Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to non-technical stakeholders.
Experience in a healthcare environment is highly desirable.
Demonstrated business acumen, with an understanding and working knowledge of organizational operations sufficient to design and implement effective customer service and support systems.
Physical Requirements:
Occasionally exert up to 20 pounds of force. Work involves sitting most of the time but may involve walking or standing for brief periods of time.
Ability to speak and communicate effectively in person or by telephone in order to gather and exchange information and provide directions.
Ability to respond to telephone calls, emails, and hear speech.
Must be able to participate in multiday meetings, conferences and events as necessary.
Ability to travel by car, train or airplane for occasional visits to Gateway... For full info follow application link.

Gateway Foundation is an Equal Opportunity Employer: Race/Color/Sex/Sexual Orientation/Gender Identity/Religion/National Origin/Disability/Vets


Job Posting: 12088406

Posted On: Jul 30, 2024

Updated On: Jul 30, 2024
