Job Description :
Applies advanced understanding of Payment Card Industry (PCI) Data Security Standard (DSS) v 3.2 concepts to ensure the Campus, Medical Center or Foundation credit card processing environments maintain PCI compliance.
Leads the development of PCI Governance program and demonstrates competency in complex IT Security concepts and their application in achieving PCI, HIPAA and NIST compliance requirements.
Assist as needed with other organizational information security and risk management framework compliance activities, such as governance and policy development for HIPAA, NIST/Cyber Security Framework.
Required Qualifications:
Bachelor''s degree in related area; or seven to ten years equivalent experience working in IT
PCI ISA certification within six months of starting position
Advance interpersonal skills sufficient to work effectively with both technical and non-technical personnel at various levels in the organization
Advance knowledge of PCI DSS v3.2 compliance requirements and their implementation
Demonstrated skills applying security controls to computer software and hardware.
Preferred Qualifications:
QSA/ISA
CISA
CISSP
Advance experience using PCI Compliance Reporting tools (i.e., Trustwave, CoalfireOne)
Advance knowledge of IT security
Advance knowledge of working with PCI and/or IT Auditors
Broad knowledge of other areas of IT
Demonstrated knowledge of secure hardware, software and network design techniques
Demonstrated skill at analyzing and preventing security incidents of high complexity
In-depth knowledge of computer hardware, software and network security issues and approaches
Knowledge of HIPAA, NIST/Cyber Security Framework and/or other risk management frameworks
Licensure/Certification:
PCI ISA certification within six months of starting position
Living Pride Standards
Service Excellence:
Demonstrates service excellence by following the Everyday PRIDE Guide with the standards and expectations for communication and behavior.
These standards and expectations convey specific behavior associated with the Medical Center’s values:
Professionalism, Respect, Integrity, Diversity and Excellence, and provide guidance on how we communicate with patients, visitors, faculty, staff, and students, virtually everyone, every day and with every encounter.
These standards include, but are not limited to: personal appearance, acknowledging and greeting all patients and families, introductions using AIDET, managing up, service recovery, managing delays and expectations, phone standards, electronic communication, team work, cultural sensitivity and competency.
Uses effective communication skills with patients and staff; demonstrates proper telephone techniques and etiquette; acts as an escort to any patient or family member needing directions; shows sensitivity to differences of culture; demonstrates a positive and supportive manner in which patients / families/ colleagues perceive interactions as positive and supportive.
Exhibits team work skills to positively acknowledge and recognize other colleagues, and uses personal experiences to model and teach Living PRIDE standards.
Exhibits tact and professionalism in difficult situations according to PRIDE Values and Practices
Demonstrates an understanding of and adheres to privacy, confidentiality, and security policies and procedures related to Protected Health Information (PHI) or other sensitive and personal information.
Demonstrates an understanding of and adheres to safety and infection control policies and procedures.
Assumes accountability for improving quality metrics associated with department/unit and meeting organizational/departmental targets.
Work Environment:
Keeps working areas neat, orderly and clutter-free, including the hallways. Adheres to cleaning processes and puts things back where they belong. Removes and reports broken equipment and furniture.
Picks up and disposes of any litter found throughout entire facility.
Posts flyers and posters in designated areas only; does not post on walls, doors or windows.
Knows where the Environment of Care Manual is kept in department; corrects or reports unsafe conditions to the appropriate departments.
Protects the physical environment and equipment from damage and theft.
The flexibility to orient and work at all locations is required.