Manager, IT GRC (Governance, Risk, Compliance)

Date: Sep 20, 2017

Location: Atlanta, GA, US, 30345

Company: Children's Healthcare of Atlanta

Requisition #:  18452     
Name of Location:   Park West
Work Schedule:  Day
Employment Type:  Full-Time
Work Days:  Monday - Friday 

JOB SUMMARY

Children’s has been ranked on Fortune magazine’s list of “100 Best Companies to Work For” for twelve consecutive years. We offer a comprehensive compensation and benefit/perks package that supports our mission, vision and values. We are proud to offer an array of programs and services to our employees that have distinguished us as a best place to work in the country and believe in work life balance and flexible and partial remote schedules.  Connect to our mission of being Dedicated to All Better and impact the lives of hundreds of thousands of patients and their families each year by contributing your talent and skills to our organization.

 

Children's Healthcare of Atlanta is expanding and is adding a Manager, IT Governance, Risk & Compliance to our team on a permanent basis. The Manager, IT GRC protects the confidentiality, integrity, and availability of Children's Healthcare of Atlanta's information systems. Serves as expert advisor to management, peers, and clinical users in defining, recommending, and implementing necessary policies, controls, and procedures to cost-effectively assess and manage security-related risk, educate the workforce, and participate in regulatory compliance activities. Assists with development, implementation, and maintenance of a world-class information security organization, including annual and ad-hoc information security risk assessments, policy governance, compliance with regulatory requirements, information security training and awareness initiatives, third-party audits and assessments, contract and procurement guidelines, and third-party risk. Oversees and coordinates information security-related risk management.

EDUCATION

  • Bachelor's degree in Computer Science, Information Systems, or related field

EXPERIENCE*

  • 7 years of practitioner and management experience with information security governance, including organizational structure/concepts/controls, audits, information technology security/risk/risk frameworks, information technology governance, internal and external audit, and compliance functions
  • Experience in risk assessment and policy governance, including policies/standards/guidelines/procedures/exceptions, audits and assessments, compliance tracking, and training and awareness
  • Practitioner and management experience with measuring, managing, and reporting on risk at senior management level
  • Experience in working with legal, audit, and compliance staff
  • Experience in developing and maintaining policies, procedures, standards, and guidelines
  • Experience in driving risk-based decisions supporting business owner expectations and needs

PREFERRED QUALIFICATIONS*

  • Master’s degree
  • Certified in Risk and Information Systems Control (CRISC), Certified Information Systems Security Professional (CISSP), or Certified Information Security Manager (CISM)
  • Strong knowledge of and experience with applicable frameworks and regulatory requirements, e.g., HIPAA (Health Insurance Portability and Accountability Act), ISO 2700x, PCI (Payment Card Industry) DSS (Data Security Standard), NIST (National Institute of Standards and Technology), HITRUST (Health Information Trust Alliance), Joint Commission, and privacy law
  • Experience in leadership in an information technology support organization
  • 2 years of experience in a healthcare setting

KNOWLEDGE SKILLS & ABILITIES*

  • Strong leadership abilities with the capability to develop and guide information security team members and work with minimal supervision
  • Demonstrated knowledge of generally known information technology platforms, standards, and software development language(s)
  • Demonstrated capability to learn and adapt to new situations and requirements in a dynamic environment
  • Excellent verbal, written, and interpersonal communication skills, including ability to communicate effectively and build consensus with teams across organizational lines, including business leaders/managers, information technology engineering/operations, administrators, physicians, nurses, allied health workers, and patient care systems users

JOB RESPONSIBILITIES*

  1. Manages IT governance, risk and compliance team.
  2. Works closely with leadership and teams to prioritize work to accomplish goals and maintain operations.
  3. Develops quality measures to assess overall success of team and information security program and provides reports to leadership.
  4. Evaluates/selects relevant vendor tools based on project requirements and communicates with established and potential vendors to establish and maintain relationships resulting in successful security operations.
  5. Contributes to defining and managing the information security program.
  6. Analyses, defines, and implements technology and policy architecture.
  7. Champions awareness, influences compliance with security policies, and provides solutions for business-specific security issues.
  8. Serves as thought leader for information security regulatory compliance.
  9. Responsible for all aspects of managing and leading a team including: interviewing, hiring, training, developing, directing work and processes, managing performance, recognizing, and rewarding employees.
  10. Mentors team members to encourage personal and professional growth.
  11. Encourages ongoing skill development by providing opportunities for continued education.

SYSTEM RESPONSIBILITIES*

Safety: Practices proper safety techniques in accordance with hospital and departmental policies and procedures. Responsible for the reporting of employee/patient/visitor injuries or accidents, or other safety issues to the supervisor and in the occurrence notification system.

 

Compliance: Monitors and ensures compliance with all regulatory requirements, organizational standards, and policies and procedures related to area of responsibility. Identifies potential risk areas within area of responsibility and supports problem resolution process. Maintains records of compliance activities and reports compliance activities to the Compliance Office.

 

The above statements are intended to describe the general nature and level of work performed by people assigned to this classification.  They are not intended to be an exhaustive list of all job duties performed by the personnel so classified.

PHYSICAL DEMANDS*

Ability to lift up to 15 lbs independently, not to exceed 50 lbs without assistance

Bending/Stooping - Occasionally (activity or condition exists up to 1/3 of time)

Climbing - Not Present

Hearing/Speaking - Effective communication with employees, supervisors/managers and staff. Effective communications with patients and visitors, as required.

Lifting - Occasionally (activity or condition exists up to 1/3 of time)

Pushing/Pulling - Occasionally (activity or condition exists up to 1/3 of time)

Sitting - Frequently (activity or condition exists from 1/3 to 2/3 of time)

Standing - Occasionally (activity or condition exists up to 1/3 of time)

Walking - Occasionally (activity or condition exists up to 1/3 of time)

WORKING CONDITIONS*

No potential for exposure to blood and body fluids

Location Address:  2800 Century Pkwy NE, Atlanta, GA  30345
Function:  Information Technology - Business Partnering

 

Overview:

Children’s Healthcare of Atlanta has been 100 percent dedicated to kids for more than 100 years. A not-for-profit organization, Children’s is dedicated to making kids better today and healthier tomorrow.

With 3 hospitals, 27 neighborhood locations and a total of 622 beds, Children’s is the largest healthcare provider for children in Georgia and one of the largest pediatric clinical care providers in the country. Children’s offers access to more than 60 pediatric specialties and programs and is ranked among the top children’s hospitals in the country by U.S. News & World Report.

Children’s has been ranked on Fortune magazine’s list of “100 Best Companies to Work For” for twelve consecutive years and named one of the “100 Best Companies” by Working Mother magazine. We offer a comprehensive compensation and benefit package that supports our mission, vision and values. We are proud to offer an array of programs and services to our employees that have distinguished us as a best place to work in the country.  Connect to our mission of being Dedicated to All Better and impact the lives of hundreds of thousands of patients and their families each year.


Nearest Major Market: Atlanta
