Why work for Nebraska Methodist Health System
At Nebraska Methodist Health System we focus on providing exceptional care to the communities we serve and people we employ. We call it The Meaning of Care a culture that has and will continue to set us apart. Its helping families grow by making each delivery special conveying a difficult diagnosis with a compassionate touch going above and beyond for a patients needs or giving a high five when a patient beats a disease or conquers a personal health challenge. We offer competitive pay excellent benefits and a great work environment where all employees are valued! Most importantly our employees are part of a team that makes a real difference in the communities we live and work in.

Job Summary:

Responsibilities:

Essential Functions

1. Risk Management and Third-Party Vendor Security: 50%

• Performs information security risk and compliance efforts in support of NMHSs Information Security programs.

• Perform risk assessment activities for the protection of information assessments to other functional units.

• Coordinates Information Security risk assessments for all PHI and critical business applications.

• Assumes a leadership role in understanding and mitigating risk with Security Risk assessments.

• Completes corporate Information Security risk assessments.

• Analyze and ensure the handling storage and dissemination of PHI.

• Perform PCI-DSS annual attestations.

• Collaborate with cross-functional teams to integrate effective security risk controls into business operations and project planning process.

2. Security Policy Development and Implementation: 25%

• Maintain relevant Information Security policies and procedures.

3. Collaboration: 15%

• Collaborating with external security experts and vendors.

• Coordinate with the Privacy Officer on matters related to data privacy.

• Work with privacy officer regarding privacy concerns.

• Participates in weekly IT Security team meetings Incident Response Tabletops and One on One.

• Additional duties as assigned by privacy officer.

4. Compliance and Confidentiality: 10%

• Adhere to healthcare regulations and maintain patient confidentiality in compliance with HIPAA.

• Safeguards sensitive and confidential information byadhering to and enforcing data access policies monitoring for unauthorized access and ensuring compliance with privacy regulation such as HIPAA.

Schedule:

Remote option available. Mon - Fri business hours.

Job Description:

Job Requirements

Education

• Bachelors degree or higher in a Computer Science or related field required.

• Must meet continuing education and certification requirements related to the position.

Experience

• Minimum of 3 to 5 years experience in IT and HIPAA privacy/security required.

License/Certifications

• CompTIA Security certification required within 1 year of hire.

• A Security certification and or Certification as a Certified Information Systems Security Professional (CISSP) or other security related certification preferred.

Skills/Knowledge/Abilities

• Knowledge of Information security risk management concepts and security framework

• Knowledge of NIST publications ISO:27002 controls and SOC 2

• Knowledge of health care operations and security measures.

• Knowledge of Health Insurance Portability and Accountability Act of 1996 (HIPAA) HIPAA Security Rule & Health & Health Information Technology for Economic and Clinical Health (HITECH) Act.

• Organizational and analytical skills including ability to work with auditing tools software and spreadsheets.

• Strong verbal communication skills for positive interaction with customers co-workers and various business contacts in a courteous and professional manner.

• Skill in written and verbal communication skills across multiple projects and team members.

• Ability to conceptualize technical security topics.

• Able to read write and comprehend various written reports and documents.

• Ability to effectively organize prioritizeand manage multiple projects/tasks to meet deadlines.

• Ability to gather administrative and technical information to evaluate controls for assessments.

• Excellent customer service skills.

Physical Requirements

Weight Demands

• Light Work - Exerting up to 20 pounds of force.

Physical Activity

• Not necessary for the position (0%):

  • Climbing

  • Crawling

  • Kneeling

• Occasionally Performed (1%-33%):

  • Balancing

  • Carrying

  • Crouching

  • Distinguish colors

  • Grasping

  • Lifting

  • Pulling/Pushing

  • Standing

  • Stooping/bending

  • Twisting

  • Walking

• Frequently Performed (34%-66%):

  • Keyboarding/typing

  • Reaching

  • Repetitive Motions

  • Sitting

  • Speaking/talking

• Constantly Performed (67%-100%):

  • Hearing

  • Seeing/Visual

Job Hazards

• Not Related:

  • Chemical agents (Toxic Corrosive Flammable Latex)

  • Biological agents (primary air born and blood born viruses) (Jobs with Patient contact) (BBF)

  • Physical hazards (noise temperature lighting wet floors outdoors sharps) (more than ordinary office environment)

  • Equipment/Machinery/Tools

  • Explosives (pressurized gas)

  • Electrical Shock/Static

  • Radiation Alpha Beta and Gamma (particles such as X-ray Cat Scan Gamma Knife etc)

  • Radiation Non-Ionizing (Ultraviolet visible light infrared and microwaves that causes injuries to tissue or thermal or photochemical means)

  • Mechanical moving parts/vibrations

About Methodist:

Nebraska Methodist Health System is made up of four hospitals in Nebraska and southwest Iowa more than 30 clinic locations a nursing and allied health college and a medical supply distributorship and central laundry facility. From the day Methodist Hospital was chartered in 1891 service to our communities has been a top priority. Financial assistance health education outreach to our diverse communities and populations and other community benefit activities have always been central to our mission.

Nebraska Methodist Health System is an Affirmative Action/Equal Opportunity Employer and does not discriminate on the basis of race color religion sex age national origin disability veteran status sexual orientation gender identity or any other classification protected by Federal state or local law.