Job Description

Info Security Ofcr

Requisition IDreq10502
Working TitleHSC Information Security Officer/HIPAA
Position Grade17
Position Summary

The Health Sciences Center (HSC) Information Security Officer (ISO) oversees IT security activities in the UNM HSC, which includes the Health System, associated with the confidentiality, integrity, and availability of patient, provider, employee, student, and business information in compliance with UNM HSC policies and procedures, as well as Federal and State statutory and regulatory requirements. This position reports directly to the HSC Chief Information Officer (CIO), and participates in overall IT governance decision making for the entire HSC. The HSC ISO serves as the HSC HIPAA Security Officer to lead and participate in the interpretation and implementation of HIPAA security regulations; monitors and ensures organizational compliance with Federal and State laws, regulations and standards.

With guidance from HSC IT leadership, the HSC Privacy Officer and HSC Chief Compliance Officer (CCO), the HSC ISO leads the HSC information security program which includes: ongoing risk assessment and mitigation; development and implementation of IT security-related policies, procedures, and standards; workforce education; and establishment of administrative, technical and physical controls. Also responsible for regular IT security risk and status reports to the Executive Compliance Committee and the CCO. With oversight from HSC IT security stakeholders, works with IT leadership to prioritize security initiatives designed to evaluate and mitigate risk and design a cost-effective HSC IT security program; plans and implements strategic initiatives.

The ISO must have knowledge of IT security risks related to handling of health care/patient and student information. The ISO will work with and coordinate the activities of outside consultants and/or auditors in the performance of various IT security audits and assessments. Must be able to demonstrate a high degree of trust and integrity and have the ability to work independently. The ISO must have strong analytical and critical thinking skills and the ability to analyze, summarize, and effectively present data. These facilitations will be across diverse disciplines and personnel with disparate technical backgrounds.

The ISO’s technical background in the management of both physical, virtual and logical information security systems, technologies and applications will help them weigh business risks and enforce appropriate information security measures. The incumbent should possess expertise of various encryption techniques and their proper utilization.

The UNM HSC has earned a national and internationalreputation for its integrated education, patient care, research, andpartnership initiatives which address the unique healthcare needs of NewMexico's urban and rural populations (

See the Position Description for additional information.

Conditions of Employment
  • Must pass a pre-employment criminal background check.
  • Employees in this job title are subject to the terms and conditions of an employment contract. Employment contracts are typically subject to review and renewal on an annual basis.
Minimum Qualifications

Bachelor's degree; at least 8 years of experience directly related to the duties and responsibilities specified.

Completed degree(s) from an accredited institution that are above the minimum education requirement may be substituted for experience on a year for year basis.

Preferred Qualifications

Preferred qualifications:

  • Experience negotiating, writing, reviewing and updating information securitypolicies, procedures, guidelines and standards covering multiple agencies anddepartments
  • Experience analyzing security reviews and assessments specific to the healthcare industry
  • Knowledge of business impact assessment and risk analysis methodologies
  • Knowledge of cybersecurity frameworks, particularly the NIST Cybersecurity Framework
  • Knowledge of data use agreements and data transfer procedures relevant to HIPAA and FERPA data
  • Possess technically oriented ITsecurity training, credentials or certifications. i.e., HCISPP, CISSP, CPHIMS
    or similarcertifications and coursework
Additional Requirements
CampusHealth Sciences Center (HSC) - Albuquerque, NM
DepartmentHSC CIO Office (340B)
Employment TypeStaff
Staff TypeRegular - Full-Time
Term End Date
Pay$6,824.71-$8,429.30 (Monthly)
Benefits EligibleThis is a benefits eligible position. The University of New Mexico provides a comprehensive package of benefits including medical, dental, vision, and life insurance. In addition, UNM offers educational benefits through the tuition remission and dependent education programs. See the Benefits home page for a more information.
ERB StatementTemporary and on-call employees working an appointment percentage of 26 (.26 FTE) or greater, per quarter, will be eligible to earn retirement service credits and thus are required to make New Mexico Educational Retirement Board (NMERB) contributions. More information pertaining to your FTE and NMERB contributions can be reviewed on the NMERB Guidelines Clarified webpage.
Background Check RequiredYes
For Best Consideration Date11/1/2019
Application InstructionsThe following documents are required with your application to be considered for the position: -Resume-Cover letter -Complete UNM Application-Writing sample (formal or informal IT policy, procedure, standard and/or guideline, no longer than 3-4 pages.)-Transcripts or other records for any relevant IT security certifications or training

Positions posted with a Staff Type of Regular or Term are eligible for the Veteran Preference Program. See the Veteran Preference Program webpage for additional details.

The University of New Mexico is committed to hiring and retaining a diverse workforce. We are an Equal Opportunity Employer, making decisions without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, age, veteran status, disability, or any other protected class.

Application Instructions

Please click on the link below to apply for this position. A new window will open and direct you to apply at our corporate careers page. We look forward to hearing from you!

Apply Online