Eskenazi Health
September 4, 2019
Indianapolis, IN
Job Type


Division:Eskenazi Health  

Sub-Division: Hospital  

Req ID:  1254 

Schedule: Full Time 

Shift: Days 

Eskenazi Health is an organization that celebrates diversity, and seeks to employ a diverse workforce. We actively encourage all individuals to apply for employment and to seek advancement opportunities. Eskenazi Health also provides reasonable accommodations to qualified individuals with disabilities as required by law. For additional questions please contact us at: 317-880-3344.


The Information Security Officer is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected. This position works with Eskenazi Health’s leaders to prioritize security needs and related costs according to financial constraints and directives. The Information Security Officer is responsible for enhancing and improving physical security and cyber security by identifying Eskenazi Health’s protection goals and objectives, and ensuring alignment with the organization’s strategic plans.


  • Builds a strategic and comprehensive information security program that defines, develops, maintains and implements processes that enable consistent, effective information security practices
  • Develops and implements global policies, procedures, and plans related to: security of computer systems, networks and telecommunications; health information security and privacy compliance; business continuity, risk management, loss and fraud prevention; and emergency and incident response  
  • Works closely with the Privacy Officer to ensure alignment between security and privacy compliance programs; acts as a liaison to the Information Systems and Compliance departments; assists with breach determination and notification processes under HIPAA and applicable state breach rules and requirements
  • Responsible for initial and ongoing information security risk assessment and analysis, mitigation and remediation; conducts audits to find holes in security platform
  • Establishes and administers a process for investigating and acting on security incidents which may result in a privacy breach
  • Identifies and prioritizes security initiatives and standards; addresses privacy, confidentiality and standards administration
  • Investigates security breaches; develops and directs technical teams in the investigation and resolution of a variety of complex health information privacy and security issues using a systematic approach
  • Establishes and maintains technical computer and network security systems and protocols
  • Establishes and maintains administrative computer and network security systems and protocols
  • Monitors and reviews logs of computer systems and network activities for possible unauthorized intrusion
  • Oversees, develops and delivers security training to hospital personnel at all levels relative to the privacy and security of health information
  • Researches and recommends appropriate hardware and software to implement and maintain health information privacy and security
  • Initiates, facilitates, and promotes activities to foster information security awareness within the organization
  • Evaluates security trends, evolving threats, risks and vulnerabilities; implements tools to mitigate risk as necessary
  • Collaborates with senior management, Privacy Officer, and Corporate Compliance officer to establish governance for the security program
  • Manages security incidents and events involving electronic protected health information (ePHI)
  • Ensures organization has audit controls in place to monitor activity on electronic systems that contain or use electronic protected health information (ePHI)
  • Oversees periodic monitoring and reviewing of audit records to ensure that activity is appropriate; includes but is not limited to logons and logoffs, file accesses, updates, edits and printing
  • Participates in the development, implementation, and ongoing compliance monitoring of all BA's and business associate agreements, to ensure security concerns, requirements, and responsibilities are addressed
  • Serves as information security consultant to all departments for all data security related issues


  • Bachelor’s degree in Information Systems or a related healthcare field required
  • Certified in Healthcare Privacy and Security (CHPS) certification and/or other healthcare industry related security credentials required
  • Certified Information Systems Security Specialist (CISSP) certification is preferred
  • Appropriate certification in risk management and/or health care compliance preferred
  • Five years progressive experience in health information security management, health information management, information systems and/or health risk management is required

Eskenazi Health offers comprehensive benefits including, tuition reimbursement, retirement plans through OneAmerica, various on-campus dining options, a free fitness gym, free employee wellness programs, sky farm access and more. Come and be a part of our PRIDE values!

Drop files here browse files ...

Related Jobs

Dental Assistant   Indianapolis, IN new
September 18, 2019
RN Healthcare Manager   Indianapolis, IN new
September 18, 2019
SFDC Technical Architect   Indianapolis, IN new
September 18, 2019
SFDC Developer   Indianapolis, IN new
September 18, 2019
Area Core/Solutions Sales Manager   Indianapolis, IN new
September 18, 2019