Information Technology Security Officer

Position Description and Job Skill Set

Description of the job functions the contractor will be expected to perform.

Under 45 CFR 164.308 as a covered entity under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) MSDH is required to identify a Security Officer responsible for the development and implementation of policies and procedures to ensure the integrity of electronic Protected Health Information (ePHI) created transmitted received and/or stored by the agency. This individual designated as the IT Security Officer (ITSO) also is required by the state Department of Information Technology Services (ITS) under Rule 1.6 of the ITS Enterprise Security Policy. Under this rule the ITSO is responsible for:

Developing and maintaining agencyspecific security plans policies and procedures.

Interacting with ITS as the primary contact for security related issues.

Ensuring MSDH is adhering to the State of Mississippi Enterprise Security Policy.

Participating in the state information security threat intelligence feeds.

Researching IT industry for security related issues and how it affects MSDH specifically.

Monitoring security applications activity logs resources and issues within the agency utilizing approved security software and hardware.

Facilitating the State Auditors Information Systems Audit and any Third Party Risk Assessments.

Manage the agencys Vulnerability Management and Supply Chain risk programs

Required Skills/Experience

Provide the minimum required skills and/or experience the contractor must possess to qualify for this position. These requirements will be transferred to the Score Sheet and candidates without these requirements reflected on their resume will

NOT be presented to the manager for consideration.

Minimum of 5 years experience cybersecurity including 2 years in leadership