• Information Technology Risk Officer

    Posted Date 2 weeks ago(6/13/2018 7:58 AM)
    Requisition ID
    2018-42530
    Category
    Info Technology
    Position Type
    Regular Full-Time
    Department
    INFO IT Security
    Post End Date
    7/16/2018
  • Overview

    The Information Technology Risk Officer (ITRO) reports to the Information Security Analyst Director & Chief Information Security Officer (CISO) and is part of the Information Technology Security leadership team.  The ITRO will serve as the process owner for ongoing activities that provide appropriate access to and protect the confidentiality, integrity and availability of electronic information in compliance with law, regulations, policies and standards at the University of Arkansas for Medical Sciences.

     

    The University of Arkansas for Medical Sciences (UAMS) has a unique combination of education, research, and clinical programs that encourages and supports teamwork and diversity.  We champion being a collaborative health care organization, focused on improving patient care and the lives of Arkansans.  

     

    UAMS offers amazing benefits and perks:

    • Health: Medical, Dental and Vision plans available for staff and family
    • Holiday, Vacation and Sick Leave
    • Education discount for staff and dependents (undergraduate only)
    • Retirement: Up to 10% matched contribution from UAMS
    • Basic Life Insurance up to $50,000
    • Career Training and Educational Opportunities
    • Merchant Discounts
    • Concierge prescription delivery on the main campus when using UAMS pharmacy

     

    Salary:  Negotiable

    Responsibilities

    Risk Management Research/Strategy/Planning 

    • Maintains training and skills to provide expert guidance on cybersecurity protection, detection, response, and recovery.
    • Collaborate with IT Leadership to establish a long-term vision and strategy for information security risk management.
    • Oversee the development of the near-term tactical cybersecurity protection, detection, response, and recovery implementation strategy. 

    Risk Management Audit and Assessment

    • Perform IT risk and control assessments across Infrastructure and Application assets, including Cloud services, Application management, Disaster Recovery, emerging technologies, vendor security, and IT regulatory compliance across UAMS.
    • Identify and report on the critical business and financial risk factors within IT vendor proposals, agreements, and statements of work.
    • Review and constructively challenge current and proposed processes to help ensure a consistent understanding of technology-related risks throughout the organization amongst relevant stakeholders.

    Cybersecurity Advisor        

    • Collaborate with project managers, stakeholders, software sponsor, and/or IT management to address vendor performance/deliverable issues related to Cybersecurity
    • Maintain internal vendor intelligence database
    • Developing and maintaining effective business relationships with key strategic suppliers, attending Executive briefings and participatng on vendor customer advisory boards as appropriate.

    Cybersecurity and Security Risk Project Management

    • Collaborate with project managers, stakeholders, software sponsor, and/or IT management to address vendor performance/deliverable issues related to Cybersecurity
    • Maintain internal vendor intelligence database
    • Developing and maintaining effective business relationships with key strategic suppliers, including but not limited to attending Executive briefings and participation on vendor customer advisory boards as appropriate

    Other duties as assigned

     

    Qualifications

    Minimum Qualifications:

    Associates degree in Computer Sciences or related field of study plus 12 years of Information Technology job specific experience or other relevant job experience or any combination of the two.

    • Must be proficient in Word, Excel, PowerPoint, Visio, Project, Outlook or comparable tools. 
    • Strong presentation, writing and verbal skills.

    Preferred Qualifications:

    Bachelor degree in Computer Sciences or related field of study plus 10 years of Information Technology job specific experience or other relevant job experience or any combination of the two.

    • IT Healthcare, Higher Education, or Academic Health Center software & hardware industry experience.
    • Project Management (PMP, Agile, Lean, Six Sigma, etc.), Certified Information Systems Security Professional (CISSP), Security+, Microsoft Certified Systems Engineer and/or relevant technical (Linux, VMWare, etc.) certifications.
    • Working knowledge of Simple database design & development, SQL language, Microsoft PowerShell.

    UAMS is an Affirmative Action and Equal Opportunity Employer and is committed to excellence.  Qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or veteran status.

    Physical Requirements

    Stand: Frequently
    Sit: Frequently
    Walk: Frequently
    Bend, crawl, crouch, kneel, stoop, or reach overhead: Occasionally
    Lift, push, pull, carry weight: 11 - 25 lbs
    Use hands to touch, handle, or feel: Frequently
    Talk: Frequently
    Hear: Frequently
    Taste or smell: Never
    Read, concentrate, think analytically: Continuously
    Physical Environment: Inside Office Environment
    Noise Level: Quiet
    Visual Requirements: Near visual acuity
    Hazards: None

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed