Texas Children´s Hospital is an internationally recognized full-care pediatric hospital located in the Texas Medical Center in Houston.
About Texas Childrens Hospital Texas Children´s Hospital is an internationally recognized full-care pediatric hospital located in the Texas Medical Center in Houston. One of the best pediatric hospitals in the United States, Texas Children´s Hospital is dedicated to providing the finest possible pediatric patient care, education and research. Texas Children´s is nationally ranked in the top five among children´s hospitals by both Child magazine and U.S. News & World Report. The hospital has garnered widespread recognition for its expertise and breakthrough developments in the treatment of cancer, diabetes, asthma, HIV, premature babies, and cardiogenic and attention-related disorders. No third party considerations will be accepted at this time. Vendors please do not call HR directly to solicit. Position Summary Overview: Responsible for ensuring the confidentiality, availability and integrity of information assets and protecting information from unauthorized disclosure, modification and destruction. Develop and promote strategic plans security policies, audit compliance and lead remediation initiatives. Monitor organization and IS administrators compliance. Quarterly vulnerability reviews published; identify, track and manage outstanding vulnerabilities. Responsibilities: Develop, review, update and communicate information security policies; develop security specification and certification methodology for systems; develop a monitoring and compliance strategy; conduct periodic inspections to ensure compliance; lead remediation of non-compliant systems, investigate policy violations and resolve issues; develop and promote risk assessment methodology for network computer systems; develop and promote incident response plan and coordinate response team (computer viruses, system intrusions and policy violations). Develop information security strategy; coordinate security implementations across IS disciplines and user departments. Architect, implement and document security infrastructure; establish DRBCP architecture and solutions. Advocate for security awareness and training; manage complex customer interactions, regulatory changes and innovations. Knowledge and Skills: Expert knowledge of information security, including: technical platforms and network/communications systems; risk analysis of computer network systems and applications with management level reporting; disaster recovery and business continuity planning and testing; system security development and implementation; computer forensic analysis; government and regulatory guidelines such as PCI, GLB, SarbOx, HIPAA. The ability to: analyze complex technical problems and communicate solutions to diverse audiences, including executive management, technicians, and end-users; operate independently within the framework of policies and procedures; plan, initiate and manage complex projects with management reporting and project tracking; establish the credibility of data security and positively influence the direction of IS; demonstrate strategic analysis and planning; educate new employees and supervisors; develop and implement security certification procedure. Completion of accredited curriculum in one or more areas: HIPAA; PCI; Sarbanes Oxley; Graham Leach Bliley; Computer Forensics; Endpoint Protection; Wireless/Mobility; Internet; Remote Access. Education and Experience: Bachelor´s degree and formal education in cryptography and mathematics required. At least one security certification such as CISSP, SANS certifications or equivalent required within six months.