About Us As a not-for-profit organization, Mass General Brigham (MGB) is committed to supporting patient care, research, teaching, and service to the community by leading innovation across our system. Founded by Brigham and Women's Hospital and Massachusetts General Hospital, MGB supports a complete continuum of care including community and specialty hospitals, a managed care organization, a physician network, community health centers, home care and other health-related entities. Several of our hospitals are teaching affiliates of Harvard Medical School, and our system is a national leader in biomedical research.
We're focused on a people-first culture for our system's patients and our professional family. That's why we provide our employees with more ways to achieve their potential. MGB is committed to aligning our employees' personal aspirations with projects that match their capabilities and creating a culture that empowers our managers to become trusted mentors. We support each member of our team to own their personal development-and we recognize success at every step.
Our employees use the MGB values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.
General Summary/Overview Statement Mass General Brigham's Enterprise Data and Digital Health (EDDH) initiative is working to expand access to digital tools and technologies that address significant health care challenges. By providing resources and coordinated support, EDDH is helping to take innovative care solutions that have been successful at our academic medical centers and make them available to all institutions across the system. EDDH will advance foundational investments in data, analytics, technology, AI, and machine learning.
As we respond to increasing healthcare market pressures and learn about new opportunities to advance patient care, research, and education, digital health is vital to the future of the system and growth strategies. The EDDH initiative will work to further engage patients in their health care journeys and enable Mass General Brigham's future, providing world-class clinical care with the best possible experience for patients.
Position Summary The ideal candidate for the role of a PHS Information Security and Privacy Cloud Specialist must have a genuine and proactive desire to establish best practices for how to implement, administer and evolve and effective information security and privacy program for at the Enterprise-level. Individuals must be able to integrate quickly into current efforts, produce high quality written documentation within established timelines, and apply critical analytic thinking across the diverse field of information security and privacy.
The MGB Information Security and Privacy Cloud Specialist is responsible for leading Partners Healthcare Business and Technology cloud-based; Machine Learning and AI and Big Data initiatives that impact all MGB Entities, Employees, and Agents to provide support in securing cloud-based implementations.
The MGB Information Security Cloud Specialist will provide significant leadership in developing enterprise-wide standards To address immediate risk areas and train new staff as onboarded, in addition to working with committees, leadership and staff throughout institution(s) and MGB to understand the business and operational objectives in order to identify and support security related needs.
Participates in the development and implementation of the MGB IS Information Security program in a manner that fulfills the mission and strategic goals of the program while complying with state and federal laws and accreditation standards related to Risk Management; collaborating with site and PHS Information Security, Privacy and Compliance as required.
Maintains up to date knowledge of, and expertise in the administration and management of PHS- and site-base information security program and assists Information Security Officers in these initiatives. Principal Duties and Responsibilities 1. Risk Assessments, cloud workgroup meetings, contract negotiation, develop standards and policy related to cloud, machine learning, AI and Big Data 2. With a general Information Security knowledge, this person would be focused on Data Protection and Privacy and will work to outlined specific data protection requirements from new regulations around the world and translate it to the proper security controls that need to be put in place in any infrastructure used to house or process such types of data. 3. This person will be responsible to understand and be on top of all new cloud technologies from the main Cloud Service Providers in order to orchestrate what is needed for specific services to be implemented at Partners in a way they can be easily consumed by researchers. 4. This person will work closely with the Information Security Business Analyst to create new workflows and with the Information Security Engineer in order to outline the proper security controls required by any service to be offered to the research community. 5. Use the MGB values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.
Qualifications Bachelor's degree* (B.A. / B.S.) in computer science, business administration, or equivalent discipline from an accredited college or university required.
• 10+ years of experience in IT/IS preferred. • 5+years of experience in an information security or information privacy role with experience in securing cloud, machine learning and big data security and internetworking devices and software, including some experience with large mission-critical networks is preferred. • Awareness or ability to understand HIPAA, HITECH, Mass ID Theft regulation 201 CMR 17, and other appropriate information security and information privacy regulatory requirements for healthcare entities.
* Bachelor's degree from a four-year accredited college/university may be substituted.
* Any of the following certifications is a plus: PMP, ITIL, or any of the following Information Security Certifications: CISSP, HCISSP, CISM, CISA, CIPP, CIPM, CIPT, CPHIMS, PCIP, GSEC, GCIH, GCFE, GCFA, CEH, GPEN, and PMP
Skills/Abilities/Competencies Required 1. Genuine and proactive interest in information security and privacy concepts 2. Strong business and analytical skills to identify, write and negotiate business and technical requirements gathering 3. Outstanding time management and organizational skills required 4. Excellent written and verbal communication skills, effective interpersonal skills, strong formal presentation abilities and good leadership skills 5. Ability to interpret business objectives into functional information security & privacy activities that deliver against the risk management objectives 6. Some understanding of change management and ability to work under the required guidelines and deliver on business/project requirements 7. Ability to deal sensitively and effectively at all levels of the organization including both technical & non-technical, management, and senior leadership 8. Comfortable working in a dynamic environment with multiple work streams, goals, and objectives 9. High level critical thinking and strategic planning skills; ability to prioritize assignments 10. Ability to work independently with minimal supervision
Working Conditions This position will work 100% remotely
Mass General Brigham is an Equal Opportunity Employer & by embracing diverse skills, perspectives and ideas, we choose to lead. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law.
Partners Healthcare System Inc. is acting as an Employment Agency in relation to this vacancy.
MGH Institute of Health Professions, founded by Massachusetts General Hospital in 1977, is an innovative and independent graduate school in Boston that is a member of Partners HealthCare. A progressive leader in developing comprehensive models of health care education, the MGH Institute prepares advanced practice professionals in the fields of nursing, physical therapy, occupational therapy and communication sciences and disorders through a distinctive combination of academic study, clinical practice, and research. More than 1,200 students are enrolled in graduate level and certificate programs, with an increasing number of courses available online. The Institute is accredited by the New England Association of Schools and Colleges (NEASC).