Manager - Information Security

IT Services  
Full Time
AM/PM Shift 
40

 

Lexington Health is a comprehensive network of care that includes six community medical and urgent care centers, nearly 80 physician practices, more than 9,000 health care professionals and Lexington Medical Center, a 607-bed teaching hospital in West Columbia, South Carolina. It was selected by Modern Healthcare as one of the Best Places to Work in Healthcare and was first in the state to achieve Magnet with Distinction status for excellence in nursing care. Consistently ranked as best in the Columbia Metro area by U.S. News & World Report, Lexington Health delivers more than 4,000 babies each year, performs more than 34,000 surgeries annually and is the region's third largest employer.

 

Lexington Health also includes an accredited Cancer Center of Excellence, the state’s first HeartCARE Center, the largest skilled nursing facility in the Carolinas, and an Alzheimer’s care center. Its postgraduate medical education programs include family medicine and transitional year residencies, as well as an informatics fellowship.

Job Summary

Manages the development and delivery of IT security standards, best practices, architecture and systems to ensure information system security across the enterprise. Implements processes and methods for auditing and addressing non-compliance to information security standards; facilitates migration of non-compliant environments to compliant environments. Conducts studies within and outside the organization to ensure compliance with standards and currency with industry security norms. Manages and participates in the planning and implementation of security administration for all IT projects. Responsible for evaluation and selection of security applications and systems. Makes recommendations and assists in the implementation of changes to work methods and procedures to make them more effective or to strengthen security measures. Reports to the IT Security Director.

Minimum Qualifications

Minimum Education: Associate's Degree in Related Field 
Minimum Years of Experience: 8 Years of experience in information technology (to include  2 years of direct experience in information security within a complex healthcare setting)
Substitutable Education & Experience: Associate's Degree can be substituted for 2 years of additional experience in information security within a complex healthcare setting
Required Certifications/Licensure: Must hold at least two technical certification within the information security realm; Must be willing to obtain industry or vendor certifications.
Required Training: In depth knowledge of cyber security technologies, processes, and threat intelligence; Must exhibit efficiency, collaboration, candor, and results orientation; Ability to exercise good judgment and political astuteness; Demonstrated ability to structure, drive, and manage projects with complex multi-disciplinary issues to closure with minimal direction; Excellent analytical and problem solving skills; Excellent communication, interpersonal and organizational skills.

Essential Functions

  • Manages subordinate staff in the day to day performance of their jobs and has management level authority for personnel actions.
  • Trains and coaches information security staff on the various security technologies and alerts to ensure proper response and risk mitigation.
  • Ensures Infosec project / department milestones and goals are met and adhere to approved budgets.
  • Creates information security metrics and analyze over time to assist Director Information Security with the development of information security plans and strategic goals.
  • Leads incident management command centers and activities in the event of a data breach or high risk vulnerability, identify the security risks involved and resolve them.
  • Performs security risk assessments and coordinate organizational actions to resolve.
  • To review the security plans that have been implemented on the systems throughout the entire network of the organization, thus acting as an information security consultant 
  • To act as a liaison to the department of information system and to monitor its compliance and direct the unsolved issues to the appropriate department.
  • Provide information security awareness training to organization personnel.
  • Create and manage security strategies.
  • Oversee information security audits, whether performed by organization or third-party personnel.
  • Manage security team members and all other information security personnel.
  • Provide training to information security personnel during onboarding.
  • Evaluate department budget and costs associated with technological training.
  • Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.
  • Implement and oversee technological upgrades, improvements and major changes to the information security environment.
  • Serve as a focal point of contact for the information security team and the customer or organization.
  • To initiate, develop, and maintain information security policies and procedures and to ensure that the security strategies are being followed, so as to meet the organizational security goals and standards.
  • Communicate information security goals and new programs effectively with other department managers within the organization.

Duties & Responsibilities

  • Demonstrates leadership through the following critical responsibilities:                    
    • Develops and facilitates Tactical Planning Activities
      • Works with the Director of Information Security to develop work plans define tasks, target dates, level of efforts, resources required, skills required, etc.
      • Works with the Director, Information Security to appropriately assign and monitor the performance of the Information Security team members on approved projects.
      • Maintains a high level of awareness and recognition of situations that are possible risk issues and works diligently to mitigate or eliminate risks whenever possible.
      • Manages and leads multiple interrelated projects concurrently as well as manage daily operations. 
      • Involves appropriate individuals and groups when planning for and implementing IT-related projects or IT-related process changes.
      • Actively participates in decision-making with the Director, Information Security to change or modify policies, systems, resource allocations etc., in order to remove barriers and meet customer needs.    
      • As needed, facilitates the resolution of IT specific end-user questions and issues.
    • Establishes and Enforces Team and Individual Accountability
      • Sets clear defined written performance 
      • Holds self and team members accountable in meeting stated objectives, timetables and commitments.    
      • Works with the Director, Information Security to establish performance expectations and measurements for individuals assigned to projects.    
    • Monitors and Communicates Status
      • Tracks, reviews and communicates status of projects timely and accurately
      • Regularly communicates progress, issues and results of assigned projects to the Director, Information Security, CIO, other IS Directors, IS stakeholders, and customers. 
      • Works with the Director, Information Security to manage and monitor the expectations of impacted personnel regarding assigned projects.
      • Effectively uses a variety of techniques (verbal and written) to ensure clear and timely communication to the Director, Information Security, CIO, other IS Directors, and customers / IS stakeholders. 
      • Ensures Information Security Team is aware of projects, issues, priorities, situations, etc. to enable them to understand what they need to be working on or thinking about.    
    • Promotes teamwork and collaboration
      • Facilitates group learning and problem solving    
      • Initiates formal and informal activities designed to promote team building.
      • Encourages creative tension and supports collaborative conflict resolution by     identifying common ground and exploring differences.
    • Focus on Recruitment and Retention Initiative
      • Define the skills needed for specific members.    
      • Coordinate and lead interviews for candidates interested in open positions and participate in interviewing candidates for other open IS positions.
      • Consistently monitor performance and assesses competency of the IS team members. 
      • Takes timely, appropriate actions to address substandard performers and when necessary administer progressive discipline.
      • Leads by example.
      • Must be able to work effectively with diverse groups of people and communicate effectively with all levels of hospital staff, physicians, vendors and consultants.
      • Performs all other duties as assigned.

We are committed to offering quality, cost-effective benefits choices for our employees and their families:

  • Day ONE medical, dental and life insurance benefits 
  • Health care and dependent care flexible spending accounts (FSAs)
  • Employees are eligible for enrollment into the 403(b) match plan day one.  LHI matches dollar for dollar up to 6%.
  • Employer paid life insurance – equal to 1x salary
  • Employee may elect supplemental life insurance with low cost premiums up to 3x salary 
  • Adoption assistance
  • LHI provides its full-time employees employer paid short-term disability and long-term disability coverage after 90 days of eligible employment
  • Tuition reimbursement
  • Student loan forgiveness

Equal Opportunity Employer
It is the policy of Lexington Health to provide equal opportunity of employment for all individuals, and to remain compliant with applicable state and federal laws and regulations. Lexington Health strives to provide a discrimination-free environment, and to recruit, select, on-board, and employ all employees without regard to race, color, religion, sex, age, disability, national origin, veteran status, or pregnancy, childbirth, or related medical conditions, including but not limited to, lactation. Lexington Health endeavors to upgrade and promote employees from within the hospital where possible and consistent with the employee’s desires and abilities and the hospital’s needs.


Nearest Major Market: Columbia
Nearest Secondary Market: South Carolina