HRTMS Job Description Management
| Systems Security Manager J o b D e s c r i p t i o n | | |
JOB INFORMATION | Effective Date: | 6/1/2021 | Entity: | Wisconsin | Job Code: | 331015 | Job Title: | Systems Security Manager | Exemption Status: | Exempt | Management Level: | Manager/Program Director | JOB SUMMARY | | | The Systems Security Manager is responsible for providing leadership and guidance to supervisors and staff, promoting a culture of empowerment, innovation, and excellence in the delivery of services to our operational and strategic partners. The team supports medical faculty, clinical staff and administrative support in patient care, revenue cycle and business system continuity, teaching and research activities. The Systems Security Manager is required to have an understanding of Privacy and Security regulatory requirements and UW Health policies and procedures to maintain confidentiality, integrity, and compliance. The Manager will lead the team with a culture of "yes, lets figure out how to do that" mentality, with an innovative approach to facilitating operational needs and visionary goals. The Manager will ensure effective operation of the team as a customer-focused, service-oriented team providing the highest quality services to UW Health. The Manager assists with development of departmental policies and procedures and is responsible for the team's adherence to promote an environment of compliance and operational efficiency. The Manager functions as an expert resource in advanced systems analysis and design for business partners, staff, and users to assist in complex problem troubleshooting and resolution. In conjunction with the Information Services Project Management Office (PMO), the Manager coordinates both Security and cross-functional projects. This position requires the ability to collaboratively and independently evaluate and analyze requirements and develop creative solutions to best support remarkable healthcare and research at UW Health. The Manager must possess organizational skills that lead to the effective management of projects, tasks, applications, and employees. These skills include analysis, problem definition and solution, conflict resolution, team/project management, planning, and consulting. Excellent communication skills are also crucial to successful performance in this position. Plans for new systems, platforms, and applications, are often developed using only broad guidelines and require a high degree of independence, decision-making, and coordination. A wide variety of internal and external relationships are involved to perform the duties of this position. Internal contacts include representatives from all UW Health entities including Swedish American Health System, its affiliate partners whom UW Health IS supports as a Service provider. External contact is primarily with hardware and software vendors and industry peers. Developing and maintaining good communication and collaboration with these contacts is essential to accomplishing the objectives of this position and the goals of the UW Health enterprise. | | | | | | | | |
• | Oversee the management of computer access, including provisioning, inactivation, and auditing for a large variety of computer systems. Primary systems include, but are not limited to Active Directory Users & Computers, Health Link (Epic), Novell, and Identity Manager | • | Keep abreast of the latest in security technology and potential threats through research, conference attendance, and continued education. | • | Recommend, and implement changes to procedures and systems to enhance data systems security. Assist in communicating security procedures to users. | • | Responsible for ensuring that UW Health Information Services security policies and procedures are in line with regulatory compliance requirements | • | Responsible for providing guidance as it relates to UW Health security best practices | • | Coordinate the review and ongoing management of the Systems Security project portfolio, establishing objectives, priorities, time allocations, and deadlines to meet organizational needs. | • | Coordinate with Internal Auditing and participate in risk assessments and risk mitigation. | • | Coordinate with External Auditors and participate in identifying current process, procedures, and risks, and remediate findings. | • | Responsible for all projects and employees assigned to functional team. | • | Work with Recruitment staff, HR staff, and direct superior to interview and select candidates who have appropriate technical skills and professional characteristics to match functional team and IS department needs. | • | Responsible for annual performance reviews for assigned employees. Provides ongoing communication with staff regarding specific performance expectations | • | Responsible for the promotion and termination of employees based on departmental and organizational policies and procedures specific to UW Health employment entities as applicable. Provide guidance and direction for supervised employees. | • | Facilitate staff engagement, commitment to the enterprise and staff retention, including developing and implementing employee development plans. | • | Provide guidance for supervised employees in the areas of project management, team building and consulting. | • | Ensure that organizational and departmental policies and procedures are adopted and followed by staff. | • | Provide general assistance, coaching and direction to teams for which this Manager is responsible. Identify training needs of staff and assist in developing training plans. Align team members in roles to best take advantage of their strengths and interests as well as facilitating growth of their skill sets. | • | Provide leadership role in the justification, acquisition, development, implementation, and integration of new products and technologies. | • | Plan, lead, coordinate, and collaborate with IS staff/management along with internal and external operational partners, business and clinical, as well as external entities as necessary to lead mid to large projects through the appropriate phases of implementation and support throughout the UW Health enterprise. | • | Lead and provide support to development and interface staff in the initiation, coordination, and implementation of projects for the UW Health enterprise | • | Ensure processes and documentation of systems analysis, support documentation and project management is conducted at the level appropriate for the project. Examples of documentation include: current procedures review, functional requirements, project plans, meeting minutes, issues documentation, regular status updates to project stakeholders, and other documents as recommended by the PMO | • | Collaborate with the PMO on the annual IS project plan, directing the team to assist in initial scoping documents and resource estimates to provide a summary of the available versus requested staffing hours | • | Assists in Information Services departmental budget development and planning. | • | Assists in Information Services departmental yearly systems planning. | • | Support and encourage an environment of innovation and learning so that the staff remains current with relevant technology and industry best practices that may enhance the services provided to our customers. | • | Direct staff in providing software design, development, debugging, troubleshooting and problem resolution services, including entering and updating problem and change tracking records. | • | Assure that on-call rotations are defined and maintained for the functional team and that departmental customer service expectations are consistently met and most often exceeded. | • | Understand business needs and processes for area of responsibility. Work with the appropriate leaders/team to ensure the infrastructure and/or applications securely support current and planned business needs. | • | Monitor customer satisfaction with project execution and operational support. Identify opportunities and implement changes to drive service improvement. | • | Responsible for projects/tasks/applications that require project planning, installing, maintaining current technology offerings, providing consulting services to other IS staff and serving as the primary liaison between vendors and/or IS and business partner resources as appropriate. | • | Work independently on a wide range of systems analysis functions that may include several projects of a complex nature simultaneously. | • | Perform continual assessment of available technology and software to facilitate continued improvements to meet the goals prioritized by the UW Health Enterprise. Some software solutions may be developed internally. | • | Support vendor application systems in a variety of hardware environments. | • | Assure training and education of employees along with customers by coordinating with UW Health educational teams where appropriate to deliver training content for new or upgraded applications | • | Conduct system demonstrations for visiting groups and other healthcare organizations as approved by CIO office. | • | Ensure existing systems are functioning effectively and accurately according to the requirements and objectives. | • | Attend and participate in national industry-wide conferences (e.g., HIMSS, Epic Users Group Meeting, national vendor conferences) as appropriate based on role. | • | Attend and participate in regional conferences and seminars (e.g., vendor technology presentations) as appropriate based on role. |
ALL DUTIES AND REQUIREMENTS MUST BE PERFORMED CONSISTENT WITH THE UW HEALTH PERFORMANCE STANDARDS. |
Age Specific Competency (Clinical jobs only) | X | Non-Clinical | | | | | | | | | |
Education | Education Level | Education Details | Required/
Preferred | | Bachelor's Degree | | Required | | | Four (4) years of relevant experience may be considered in lieu of degree in addition to experience below | | | Bachelor's Degree | or Master’s Degree in Healthcare, Information Technology, Business, or related field | Preferred | | | | | | | | |
Work Experience | Experience | Experience Details | Required/
Preferred | | 3 years | of experience in planning and implementing mid to large scale security or technical projects | Required | | 3 years | of supervisory or management experience | Required | | | Extensive project management experience | Preferred | | 5 years | of supervisory or management experience | Preferred | | | Experience developing and supporting applications deployed in a 24x7 healthcare setting | Preferred | | | | | | | | |
Wisconsin Licenses & Certifications | Licenses/Certification Details | Time Frame | Required/
Preferred | | CISSP | | Preferred | | Other security and/or technical certifications | | Preferred | | | | | | | | |
Required Skills, Knowledge, and Abilities | • | Strong understanding of the principles of security, the NIST CSF framework, and requirements of regulatory compliance. | • | Familiarity with conducting penetration tests, and red/blue/purple teaming exercises. | • | Excellent communication, problem-solving and organizational abilities. | • | Ability to work independently and be result oriented. | • | Strong analytical skills to include the understanding and documentation of business/clinical processes and the ability to identify opportunities to improve processes through technology. | • | Excellent communication skills in both written and verbal presentation. | • | Demonstrates effective communication with senior management, clinical, administrative, revenue cycle and operational customers, vendors, and external healthcare organizations. | • | Ability to work well with people from different disciplines with varying degrees of technical experience. | • | Ability to provide leadership and promote teamwork. | • | Ability to manage project implementation teams and individuals and monitor the deliverables of each team to ensure milestone and on-budget completion. | • | Demonstrates ability to mentor staff and assist them in attaining desired results based on individual goals and objectives. | • | Effective interpersonal skills. | • | Consultative approach to working with users in assessing needs and requirements. | • | Ability to manage multiple tasks with ease and efficiency. | • | Ability to effectively manage change. | | | |
PHYSICAL REQUIREMENTS/WORKING CONDITIONS |
| Physical Demand Level | Occasional
Up to 33% of the time | Frequent
34%-66% of the time | Constant
67%-100% of the time | ☒ | Sedentary: Ability to lift up to 10 pounds maximum and occasionally lifting and/or carrying such articles as dockets, ledgers and small tools. Although a sedentary job is defined as one, which involves sitting, a certain amount of walking and standing is often necessary in carrying out job duties. Jobs are sedentary if walking and standing are required only occasionally and other sedentary criteria are met. | Up to 10# | Negligible | Negligible | ☐ | Light: Ability to lift up to 20 pounds maximum with frequent lifting and/or carrying of objects weighing up to 10 pounds. Even though the weight lifted may only be negligible amount, a job is in this category when it requires walking or standing to a significant degree. | up to 20# | Up to 10# or requires significant walking or standing or requires pushing/pulling of arm/leg controls. | Negligible or constant push/pull of items of negligible weight | ☐ | Medium: Ability to lift up to 50 pounds maximum with frequent lifting and/or carrying objects weighing up to 25 pounds. | 20-50# | 10-25# | Negligible-10# | ☐ | Heavy: Ability to lift up to 100 pounds maximum with frequent lifting and/or carrying objects weighing up to 50 pounds. | 50-100# | 25-50# | 10-20# | ☐ | Very Heavy: Ability to lift over 100 pounds with frequent lifting and/or carrying objects weighing over 50 pounds. | Over 100# | Over 50# | Over 20# |
Other - list any other physical requirements or bona fide occupational qualifications not indicated above: | | Note: The purpose of this document is to describe the general nature and level of work performed by personnel so classified; it is not intended to serve as an inclusive list of all responsibilities associated with this position. | | | |
|