Information Security Officer
Concord, MA

Job Description

Cardinal Health Inventory Management Solutions (CIMS) is a SaaS solution enabling healthcare providers and manufacturers to effectively manage supplies with market-leading innovative technology. CIMS leverages a portfolio of advanced hardware (e.g. RFID) and cloud-based software including an advanced analytics platform providing full visibility and control of all supplies from low cost commodities to high cost devices and implants. Our global footprint and continuous innovation deliver the most cost effective and workflow efficient patient care possible.

We are seeking high-energy, customer-focused team members to join the Cardinal Health team and lead the industry optimizing supply chain, inventory management and clinical workflow practices.

ACCOUNTABILITIES

As Information Security Officer, you will be managing information security operations. You will develop policies and procedures to protect the confidentiality, integrity, and availability of CIMS information. You will lead the enforcement of these policies ensuring that CIMS is compliant with local and international regulations. Job responsibilities include:

* Develop and implement comprehensive set of policies, processes, and procedures to achieve audit compliance for SSAE 18 SOC2
* In accordance with international and national security and privacy standards, enforce CIMS security policies and procedures
* Ensure healthcare information security best practices and HIPAA compliance utilizing NIST and HITRUST CSF
* Serve as liaison to Cardinal Health corporate security team to ensure knowledge share and adherence to best practices
* Work with the engineering and operations teams to ensure that the infrastructure design meets industry security requirements
* Monitor security trends and drive security best practices throughout the organization
* Work with third party firms and consultants to conduct independent security audits, vulnerability scans, and penetration tests
* Collaborate with legal and sales teams providing security guidance
* Conduct risk analysis and advise senior management on appropriate remediation
* Investigate, drive resolution, and document security incidents

Qualifications

* Demonstrated experience leading information security initiatives and cyber threat operations
* Demonstrated experience with incident management
* Familiarity with FIPS, ISO, and HIPAA standards
* Professional certifications in the information security space (e.g. CISM, CISSP)
* Strong written and verbal communication skills
* Experience advising and mentoring diverse teams where you do not have direct authority
* Strong problem solving skills
* Strong organizational skills
* Bachelor's degree in Computer Science, Information Science, or related field

Cardinal Health is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status.