Manager Information Security Architecture & Compliance - Full Time
Indexed description
Responsibilities
Security Architecture, Risk Management, and Compliance-50%
- Partner with internal and external technical teams to design, document, and implement security architecture standards and configurations.
- Ensure alignment and adherence to established security architecture and control frameworks.
- Conduct security and compliance risk assessments across healthcare applications, systems, and business processes to identify gaps.
- Recommend and implement mitigation strategies to address identified risks and vulnerabilities.
- Monitor and evaluate the effectiveness of security controls to ensure ongoing compliance with regulatory and organizational requirements.
- Collaborate with IS, clinical, and business teams to strengthen security controls, risk management practices, and compliance processes.
- Identify and drive opportunities for process improvement, standardization, and automation across security and compliance functions.
- Develop, review, and maintain information security and compliance policies, standards, and procedures aligned with healthcare operations.
- Ensure alignment with applicable regulatory and industry standards (e.g., HIPAA, HITECH, SOX, PCI/DSS).
- Provide guidance to leadership and stakeholders on security governance and compliance expectations.
- Develop and deliver security awareness and training programs tailored to healthcare staff, including data privacy and cybersecurity best practices.
- Provide guidance on the secure handling of sensitive and protected health information.
- Assist in the investigation of security incidents, including documentation, root cause analysis, and corrective action recommendations.
- Participate in cybersecurity preparedness activities, disaster recovery planning, and business continuity exercises.
- Provide day-to-day guidance and support to a small number of direct reports, including prioritization of work, coaching, and performance feedback.
- Mentor junior team members and contribute to their professional development in information security and compliance practices.
- Promote knowledge sharing and consistency in security and compliance approaches across the team.
- Support the Director of Information Security in fostering a collaborative, accountable, and high-performing team environment.
- Serve as a liaison for internal and external audits, ensuring timely and accurate collection of required documentation.
- Support audit activities, including control validation, evidence gathering, and remediation tracking.
- Ensure organizational adherence to regulatory requirements and support responses to compliance inquiries and assessments.
Qualifications
Education and/or Experience Required:
- Education: High School Diploma, GED or equivalent.
- Experience:
- 3-5 years of Information security or compliance related activities.
- 2 years’ supervisory or management experience.
- Education: Bachelor’s degree in Computer Science, Information Security, or a related field.
- Experience:
- Experience with Epic system.
- Experience in a healthcare organization.
- CISSP, CISA, CRISC, CISM, CGRC, or equivalent.
- Information security principles, risk management, and mitigation strategies.
- Regulatory and industry compliance standards (HIPAA, HITECH, SOX, PCI/DSS).
- Governance, risk, and compliance (GRC) frameworks and internal control design.
- Leadership and mentoring skills, with the ability to guide and develop junior staff.
- Information security policies, procedures, and best practices.
- Strong verbal and written communication.
- Analytical thinking and problem-solving.
- Ability to prioritize and manage multiple tasks simultaneously.
- Process improvement, project management, and audit facilitation.
- Customer-focused and collaborative mindset.
- Work independently and meet deadlines.
- Partner with cross-functional teams to drive compliance initiatives.
- Provide oversight, coaching, and feedback to team members in a supportive and constructive manner.
At Connecticut Children’s, treating children isn’t just our job – it’s our passion. As a leading children’s health system experiencing steady growth, we’re excited to expand our team with exceptional team members who share our vision of transforming children’s health and well-being as one team.
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search