IT Security & Compliance Architect, Department of Information Technology, School of Dentistry
- Employer
- Virginia Commonwealth University
- Location
- Richmond, Virginia, United States
- Salary
- Competitive Salary
- Date posted
- Oct 31, 2024
View more categoriesView less categories
- Position Type
- Administrative, IT & Technology, Technology Administration/Other, Chief Technology & Information Officers, Executive
- Employment Type
- Full Time
You need to sign in or create an account to save a job.
IT Security & Compliance Architect, Department of Information Technology, School of Dentistry
Benefits of working at VCU
All full-time university staff are eligible for VCU’s robust benefits package that includes: comprehensive health benefits, paid annual and holiday leave granted up front, generous tuition benefit, retirement planning and savings options, tax-deferred annuity and cash match programs, employee discounts, well-being resources, abundant opportunities for career development and advancement, and more. Learn more about VCU’s benefits here .
Job Code 24824Y
Recruitment Pool All Applicants
Posting Number req6468
Unit School Of Dentistry MBU
Department School of Dentistry, Department of Information Technology
Department Website Link https://dentistry.vcu.edu
Location VCU
Address 907 Floyd Ave, Richmond, VA 23284 USA
Duties & Responsibilities
Position Primary Purpose:
Virginia Commonwealth University School of Dentistry is seeking applicants for a full-time IT Unit Level Information Security Architect (UIS). The Unit Level Information Security Architect will develop, manage, and implement processes to ensure compliance with applicable federal and state Health Insurance Portability and Accountability Act (HIPAA) regulations and guidelines, particularly regarding the organization's access to and use of electronic Protected Health Information (ePHI) in our electronic health record. In addition, the position will review and monitor existing I.T. processes that involve active directory, Identity and Access Management (IAM), data storage and retrieval, server provisioning & management, cloud computing, and asset security.
Responsibilities:
- Evaluate the organization's existing policies and procedures for HIPAA compliance by performing HIPAA risk assessments of all IT systems and assisting in the creation of the organization’s IT security operations procedure
- Develops and assists with implementing new and updated disaster recovery (DR) and security policies and procedures within the School of Dentistry while reviewing all University policies related to security and DR
- Assesses methods and procedures for storing and transmitting ePHI; identifies security or other compliance risks; researches and recommends improvements; and documents how internal systems store and transmit data
- Security Audits and Reviews: Performing regular audits and reviews of the organization's IT systems and infrastructure to assess the effectiveness of security measures and compliance efforts. This involves identifying areas for improvement and implementing necessary changes to enhance the overall security posture, and assisting with creating a more robust training and awareness program
- Work with the VCU School of Dentistry Chief Information Officer (CIO), Director of Application Development and Infrastructure, and the VCU information security office to ensure appropriate usage of Active Directory accounts, generic accounts, service accounts, and system accounts are in place for all systems, software, and processes at the level of least privilege
- Incident Response Planning: Developing and maintaining incident response plans to handle security breaches effectively and minimize the impact on the organization. This includes creating protocols for promptly identifying, containing, and resolving security incidents
- Work with the University’s Network Services Team to set up and configure the Internet of Things (IOT) devices to ensure the appropriate level of access the principle of least privilege (POLP/least privilege) and create a diagram of all connected devices. This will include payment card industry (PCI) and point of sale (POS) and kiosk devices, their support, and the management of PCI compliance audits
- Security Architecture: Designing and implementing secure IT architectures that protect the organization's systems, networks, and data from potential cyber threats. This involves creating robust security protocols, identifying vulnerabilities, and implementing security controls to mitigate risks in collaboration with the VCU Information Security Office
- Risk Assessment: Conduct regular risk assessments to identify potential security vulnerabilities and threats within the IT infrastructure. This involves evaluating the impact of potential security breaches and developing strategies to minimize risks and their possible impact to the organization
- Collaboration and Communication: Collaborating with cross-functional teams, including IT teams, legal departments, and management, to ensure that security and compliance efforts are aligned with the organization's overall goals and objectives. Effective communication is essential to promote a comprehensive understanding of security and compliance measures throughout the organization
- Assists with compliance Management and ensures the organization adheres to relevant industry standards and regulatory requirements, such as General Data Protection Regulation (GDPR), HIPAA, PCI DSS, etc. You will need to assess the current state of compliance, develop strategies for meeting requirements, and monitor ongoing adherence
Required Qualifications:
- Bachelor's degree required or equivalent training and experience
- Hands-on experience with Microsoft Active Directory, Citrix, VMWare, and cloud computing
- Experience with server management (Windows, Linux, etc.)
- Familiarity with change control and change management practices
- Excellent oral and written communication skills
- Superior interpersonal and decision-making skills
- Ability to work independently and without direct supervision
- Working experience in Higher Education or a Healthcare Environments
- Demonstrated experience working in and fostering a diverse
faculty, staff, and student environment or commitment to do so as a
staff member at VCU
- Master’s degree preferred
- Relevant experience working in a university academic or healthcare environment
- Knowledge of University systems, policies, and procedure's
- Knowledge of VCU Information Security Baselines and computer standards
- CISA, CISSP, Security+ or other comparable qualifications
Due to the nature of this job the VCU School of Dentistry is unable to provide visa sponsorship for this position. Applicants must be currently authorized to work in the United States.
FLSA University Employee
Job FTE 1.0
Exemption Status Exempt
Restricted Position No
E-Class UF - University Employee FT
Job Category University Employee
ORP Eligible Yes
Salary Range Commensurate with experience, up to $104,000
Compensation Type Salaried
Target Hire Date 1/25/2025
Contact Information for Candidates
Brian Canaday
canadayba@vcu.edu
Documents Needed to Apply Resume, Two References
You need to sign in or create an account to save a job.
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert