As a not-for-profit organization, Partners HealthCare is committed to supporting patient care, research, teaching, and service to the community by leading innovation across our system. Founded by Brigham and Women's Hospital and Massachusetts General Hospital, Partners HealthCare supports a complete continuum of care including community and specialty hospitals, a managed care organization, a physician network, community health centers, home care and other health-related entities. Several of our hospitals are teaching affiliates of Harvard Medical School, and our system is a national leader in biomedical research.
We're focused on a people-first culture for our system's patients and our professional family. That's why we provide our employees with more ways to achieve their potential. Partners HealthCare is committed to aligning our employees' personal aspirations with projects that match their capabilities and creating a culture that empowers our managers to become trusted mentors. We support each member of our team to own their personal development, and we recognize success at every step.
Our employees use the Partners HealthCare values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.
General Overview/Summary
Reporting to the Partners Chief Information Security and Privacy Officer (CISPO), the Research Information Security Officer (RISO) functions in a matrixed environment with direction from the Corporate Director of Research Computing. The RISO will develop, manage, and implement all aspects of the information security program relating to research across Partners academic medical centers, including Massachusetts General Hospital (MGH), Brigham and Women's Hospital (BWH), and McLean Hospitals, and their affiliates.
The RISO works closely with various security and privacy committees, IS, and research management to understand business and operational objectives in order to identify security-related needs, such as policy development and compliance, education and training efforts, risk assessment and breach mitigation strategies, in order to most effectively safeguard Partners information assets. He/she will work with the site research leadership to incorporate the security program into the culture of the research enterprise. The Senior Information Security Specialist acts as an advisor to researchers and research IT staff based on information security issues and acts as liaison with PHS information security staff as needed to help resolve issues.
Principal Duties and Responsibilities
In coordination with hospital security officers and ISPO staff, and aligned with the Partners-wide security strategy, develops, implements, and manages the PHS IS Information Security program for the research enterprise.
Participates in the development of PHS system-wide information security and privacy policies and in the formulation of procedures and practices to ensure compliance by research staff and their collaborators.
Develops and implements an ongoing education program regarding information security, including the nature of and rationale for new policies as they are developed for the research communities. Provides for training on IS security-specific issues for various committees, departments, and disciplines throughout the hospitals.
Manages the research IS security risk assessment program. Develops and follows a plan to assess systems and application security risk, data use certifications, and security plans; identifies gaps through analyses, implements mitigation steps, and monitors compliance. Presents findings and recommendations to leadership.
Work with clinical, translational, and administrative research departments to achieve compliance with governmental regulations (HIPAA security standards, MA 201 CMR 17.00, FISMA/FIPS with regard to federally sponsored contracts, etc.) and hospital policies for protecting individually identifiable health information that is transmitted or stored electronically.
Develop and maintain security documentation as required for outside regulatory agencies (Joint Commission, Office of Civil Rights, Federal contracting agencies and officers, etc.).
Implements and documents risk mitigation strategies in the research environment consistent with PHS Information Security policies and requirements.
Maintains up-to-date knowledge of and expertise in the administration and management of the PHS information security program.
Coordinate efforts in the management of security incident investigations that may involve systems containing protected health information. Assure e-discovery procedures take place as necessary and mitigation efforts are documented.
Advises research projects and programs on information security issues during design and implementation.
Represent research on the Partners HealthCare Information Security Operating Committee, participating in Committee subgroups and security-related initiatives as necessary.
Manage the development, implementation, documentation, communication, testing, and periodic review and revision of business continuity and disaster recovery plans for research.
Other related duties as necessary.
Bachelor's degree in Information Systems, computer science, or equivalent degree required. Master's preferred.
CISSP, CISM, CISA, or equivalent certification required.
At least 5 years of Information Security / Risk Management experience required.
Knowledge of information security regulations, including the HIPAA Security Rule, FISMA, and 201 CMR 17.00.
Solid understanding of Information Security standards from organizations such as NIST, ISO, and other standards-setting bodies.
Experience with the research mission at an academic medical center or equivalent organization.
Knowledge and experience with research-related regulations, IRB practices, and other aspects of the research enterprise.
Excellent communications and presentation skills.
Demonstrated knowledge and understanding of information technology systems and architecture.
Skills/Abilities/Competencies Required
Ability to cooperatively and effectively work with people from all organizational levels and build consensus through teamwork, negotiation, and diplomacy.
Knowledge of information systems technologies, products, services, and demonstrated eagerness to learn new technologies.
Demonstrated interpersonal communication and project management skills with a professional demeanor.
Demonstrated ability to work independently supporting a distributed workforce using connected technologies.
Exhibiting a high level of initiative and the ability to multitask and prioritize work requirements and projects within a dynamic and evolving environment.
Exceptional customer service skills.
Working Conditions
Normal office conditions. Travel to metro-area sites as required.
Partners HealthCare is an Equal Opportunity Employer & by embracing diverse skills, perspectives and ideas, we choose to lead. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law.