Address
Form of work
SalaryTitle:
Director, Information Security Governance, Risk and Compliance Job Type:
Regular Company:
Roswell Park Cancer Institute Department:
Information Security Time Type:
Full time Weekly Hours:
40 FTE:
1 Shift:
First Shift (United States of America) Summary:
Oversees the processes and personnel involved in the Governance, Risk and Compliance (GRC) functions of the Information Security Department. Leads a team with a hands-on approach; ensures that risk assessments, security training and awareness, third party risk management, and other risk functions are performed in a consistent and thorough manner aligned with industry best practices and recognized security frameworks. Works with internal and external auditors to assess the maturity of the Information Security program. Furthers the maturity of the GRC program through the adoption and refinement of tools, standards, and processes in order to assist the overall Information Security Department to communicate and prioritize risk, and develop a risk-informed strategy for addressing current gaps and future threats.Starting salary for this position is $161,676 annually which includes a comprehensive benefits package.
Qualifications:
Required Education and ExperienceCertification Requirement
Current Cybersecurity certification, such as, Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Certified Risk and Information Systems Control (CRISC), Global Information Assurance Certification (GIAC), or equivalent Information Security certification.
Education and Experience
1. Master's degree in Computer Science, Information Systems or a related field and the equivalent of eight (8) years of full-time experience in Information Security related hardware, software and processes; or
2. Bachelor's degree in Computer Science, Information Systems or a related field and the equivalent of ten (10) years of full-time experience in Information Security related hardware, software, and processes; or
3. Associate's degree in Computer Science, Information Systems or a related field and the equivalent of twelve (12) years of full-time experience in Information Security related hardware, software, and processes; or
4. High School Diploma or High School Equivalency Diploma and the equivalent of fourteen (14) years of full-time experience in Information Security related hardware, software and processes.
NOTE: Required degrees must have been granted by an accredited school, college or university or one recognized by Roswell Park Comprehensive Cancer Center as following acceptable educational practices.
Preferred Qualifications:
The preferred candidate will be Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or other similar credentials. they will also have prior HIPAA experience, prior management experience, and GRC tool experience.
Equal Employment Opportunity Statement
Roswell Park Cancer Institute Corporation (RPCIC) and Health Research Inc. (HRI) Roswell Park Division believe that all persons are entitled to equal employment opportunities, and we do not discriminate against our employees, applicants or job seekers because of their race, color, religion, sex, sexual orientation, gender identity or expression, national origin, creed, age, disability, pregnancy-related condition, military or veteran status, marital or familial status, domestic violence victim status, citizenship status, genetic information, individual’s relationship or association with a member of a protected category or any other protected group status as defined by law.
Reasonable Accommodation Request
RPCIC and HRI are committed to working with and providing reasonable accommodation to individuals with disabilities. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the employment process, please email
HR-PayAndBenefits@RoswellPark.org
and let us know the nature of your request and your contact information. Our Core Values
RPCIC and HRI are committed to providing an environment where patients, families, employees and community are treated with courtesy and respect. We support an inclusive environment that nurtures the talents, skills and abilities of each individual to embody and reflect our core values: Innovation, Integrity, Teamwork, Commitment, Compassion and Respect.
Historical Compensation Information Statement
Pursuant to Executive Order 161, no State entity, as defined by the Executive Order, is permitted to ask, or mandate, in any form, that an applicant for employment provide his or her current compensation, or any prior compensation history, until such time as the applicant is extended a conditional offer of employment with compensation. If such information has been requested from you before such time, please contact the Governor’s Office of Employee Relations at (518) 474-6988 or via email at
info@goer.ny.gov
.
