Sr. Cybersecurity Liaison | Information & Network Security Services
GENERAL SUMMARY:
The position reports directly to the Deputy Information Security Officer. This position will work in a collaborative effort within the Information Privacy and Security Office and the Community Care Services (CCS) business unit and/or assigned Joint Venture(s) to ensure security programs and technical controls follow policies, applicable laws, and regulations. This position is responsible for aligning the strategy/services provided by CCS with IPSO policies, procedures, processes, and services to ensure compliance and protection of patient and organizational systems and data. An ability to communicate effectively through the leadership ranks and executive presence with influencer leadership are essential. This liaison role is critical for aligning cybersecurity with business unit priorities. The Sr. Cybersecurity Liaison is the primary point of contact between the Information Privacy and Security Office (IPSO) and the Community Care Services (CCS) assigned business unit. In addition, Joint Venture(s) (JV) relationship management may be assigned as needed.
Key success criteria for this role include:
- Raise the cybersecurity program's profile within the organization.
- Increase delivery of cybersecurity services internally.
- Connect with assigned unit, learn their needs, and offer them cybersecurity and operational support; and
- Organize and execute cybersecurity service delivery.
PRINCIPLE DUTIES AND RESPONSIBILITIES:
- Build relationships with business unit leaders to align business goals with cybersecurity priorities and reframe risk discussions in business terms.
- Liaise between cybersecurity and assigned business unit(s) to ensure adherence to appropriate cybersecurity policies, standards, and frameworks.
- Evaluate business unit initiatives and provide cybersecurity recommendations based on guidance and policy relating to each program or system.
- Consult with business unit to assess security needs, identify gaps, and develop risk mitigation strategies.
- Educate stakeholders on cybersecurity-related matters to increase awareness and improve culture.
- Provide knowledge and guidance on IPSO service catalog processes to ensure compliance and successful implementation of business, health products, and services.
- Coordinate with IPSO and IT groups to implement security processes and controls that enable business objectives.
- Advocate for cybersecurity interests and represent business unit security concerns.
- Identify improvement opportunities (proactive and reactive)
- Participate in cybersecurity and business-related councils or working groups, as necessary.
- Respond to business unit queries in support of the business initiatives and projects.
- Document and represent business unit requests for exceptions to security policies/standards.
EDUCATION/EXPERIENCE REQUIRED:
- Bachelor’s degree in business, Information Technology, Cybersecurity, or related field.
- Minimum 10 years of experience in Information Security, Information Assurance and/or Cyber Security space.
- Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or other similar credentials required.
- Knowledge and understanding of relevant legal and regulatory requirements.
- Strong ability to convey complex information risk and security issues in a manner that is easily understood and actionable.
- Understanding of how business initiatives create value and risk for organizations.
- Excellent verbal and written communication skills with a wide range of audiences including technologists, executives, business stakeholders and IT team members.
- Cyber security risk management experience, e.g., conducting assessments, identifying risks, and recommending solutions.
- Technology acumen (working knowledge) and awareness of key infrastructure, networking, IT operations and cyber & information security processes.
Additional Details
This posting represents the major duties, responsibilities, and authorities of this job, and is not intended to be a complete list of all tasks and functions. It should be understood, therefore, that incumbents may be asked to perform job-related duties beyond those explicitly described above.
Overview
Partnering with nearly 2 million people on their health journey, Henry Ford Health provides a full continuum of services at 250 care locations throughout southeast and south central Michigan. With 33,000 valued team members, Henry Ford is also among Michigan’s largest and most diverse employers. Our superior care and discoveries are powered by nearly 6,000 physicians, researchers and advanced practice providers. Learn more at henryford.com.
Benefits
Whether it's offering a new medical option, helping you make healthier lifestyle choices or
making the employee enrollment selection experience easier, it's all about choice. Henry
Ford Health has a new approach for its employee benefits program - My Choice
Rewards. My Choice Rewards is a program as diverse as the people it serves. There are
dozens of options for all of our employees including compensation, benefits, work/life balance
and learning - options that enhance your career and add value to your personal life. As an
employee you are provided access to Retirement Programs, an Employee Assistance Program
(Henry Ford Enhanced), Tuition Reimbursement, Paid Time Off, Employee Health and Wellness, and a whole host of other benefits and services. Employee's classified as contingent status are not eligible for benefits.
Equal Employment Opportunity/Affirmative Action Employer
Equal Employment Opportunity / Affirmative Action Employer Henry Ford Health is
committed to the hiring, advancement and fair treatment of all individuals without regard to
race, color, creed, religion, age, sex, national origin, disability, veteran status, size, height,
weight, marital status, family status, gender identity, sexual orientation, and genetic information,
or any other protected status in accordance with applicable federal and state laws.