
Research Information Security Analyst II / 40 Hours / Day / BWH Research Administration
Somerville, MA


Job Description

Reporting to the Brigham Health Information Security Officer and as a member of the Brigham Health IS team, this person will be responsible for support and quality customer service for a range of different projects, initiatives and applications. The Research Information Security Analyst II functions in a matrixed environment and interfaces with Brigham Health IS, Research Computing, Research Compliance, Research Administration, Privacy Offices, the IRB, and the Partners/Brigham Health research community. The Research Information Security Analyst II will help to develop, manage and implement all aspects of the information security program relating to research at Brigham and Women's Hospital (BRIGHAM HEALTH).

The Research Information Security Analyst II works with the Brigham Health ISO (Information Security Officer) and RISO (Research Information Security Officer), and Research Compliance to develop controls that take into account the needs of research while balancing the requirements of both the Information Security and Privacy Office (ISPO) and Compliance Office. The Research Information Security Analyst II will work to understand the unique challenges of the research community, their needs, and advocate for sensible policies, procedures, and controls that will address the needs of both Partners corporate and the research community, while following Partners Information Security and Compliance policies and best practices. The Research Information Security Analyst II acts as an advisor to researchers and research IT staff based on matters of research data, and acts as liaison with PHS Information Security and Research Compliance staff as needed to help resolve issues.

Principal Duties and Responsibilities:

* In coordination with hospital Information Security Officers, Research Compliance, CISPO staff and aligned with the Partners-wide security strategy, works with the RISO and Brigham Health ISO to develop, implement, and manage the PHS IS Information Security and Compliance programs for Brigham Health Research.
* Participates in the development of PHS system-wide information security and privacy policies, and in the formulation of procedures and practices to ensure compliance by research staff and their collaborators.
* Works with the RISO and Brigham Health ISO to develop and implement an ongoing education program regarding information security including the nature of and rationale for new policies as they are developed for the research communities. Provide for training on IS security specific issues for various committees, departments and disciplines throughout the hospitals.
* Works with the IRB and Contracts office to develop methods to integrate data security into their processes.
* Advise and inform PHS policy on data security reviews, data use agreements, data transfer agreements, and other agreements involving the use and transfer of research data.
* Conduct and advise on RISO Ancillary Data Security Reviews and the review of Brigham Health Data Security and Data Sharing Plans
* Advises & reviews projects and programs on data compliance during design and implementation.
* Represent research data compliance at research and information security and privacy committees. Participate in committee subgroups and data compliance related initiatives as necessary.
* Act as a member of the Brigham Health innovation committee, representing research information security.
* Uses the Partners HealthCare values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.
* Conduct Privacy, Security and Data Protection assessments
* Coordinate, integrate and improve the enterprise Vulnerability Management Program
* Coordinates and participates in Security and Privacy incident responses
* Other related duties as necessary.

Qualifications:

* Bachelor's degree (B.A. / B.S.) or equivalent in computer science, Cyber Security, Information Assurance, or equivalent discipline from an accredited college or university required.
* 5 years of experience in IT/IS preferred
* Cybersecurity, Information Security or Information Assurance certification preferred, e.g. CISA, CISM, CISSP, SEC , or SANS401
* 1 year of experience with the research mission at an academic medical center or equivalent organization preferred.
* Knowledge of information security regulations, including the HIPAA Security Rule, FISMA, 201 CMR 17.00, 21 CFR part 11, PCI, ISO 27001, NIST 800 control family and GDPR desirable
* Knowledge and experience with research-related regulations, IRB-practices, and other aspects of the research enterprise preferred.

Skills/Abilities/Competencies Required:

* Ability to cooperatively and effectively work with people from all organizational levels and build consensus through teamwork, negotiation and diplomacy
* Knowledge of information systems technologies, products, services, and demonstrated eagerness to learn new technologies.
* Excellent written and spoken communication and presentation skills.
* Demonstrated interpersonal, communication and project management skills with a professional demeanor.
* Demonstrated ability to work independently, supporting a distributed workforce using connected technologies.
* Exhibiting a high level of initiative, the ability to multitask and prioritize work requirements and projects within a dynamic and evolving environment.
* Exceptional customer service skills.
* Strong analytical and problem-solving skills.
* Understands the technology capability as it relates to the business requirements.
* Strong written and verbal communication skills.
* Strong organizational skills.
* Willingness and ability to be "hands on" with issues and projects.
* Can independently conduct meetings, both formal and informal including project team meetings, major departmental meetings, and user meetings.
* Ability to self-manage, assuming full ownership of overall outcomes from start to finish.
* Ability to multitask and prioritize.
* Ability to understand the work environment and competing priorities in conjunction with developing/meeting project goals.
* Self-motivated, independent and possesses the ability to learn quickly.
* Ability to work with vendors and other external parties, negotiating or pushing as necessary to meet project timelines/goals or Partners standards.
* Ability to be flexible, versatile and adaptable in a rapidly changing multi-site enterprise environment.
