Director, Identity Access Management and Cyber Security Risk Management

Apply Now

Company: Hawaii Medical Service Association

Location: Honolulu, HI 96817

Description:

  • IAM and Cyber Security Risk Management:
    • Oversees and manages HMSA's IAM and Cyber Risk Management program leveraging IAM and IT Risk management best practices, industry, and frameworks.
    • Create and maintain the IAM and Cyber Risk roadmap in accordance with the CISO's strategy.
    • Ensure all the necessary policies and procedures in place to align with compliance requirements and the NIST framework.
    • Develop Key Performance Indicators and SLA's for IAM and Cyber Risk Management programs; communicate these metrics with other leaders.
    • Ensure cyber risk management team supports Enterprise IT Audits; Collaborate with Internal Audit on all Cyber Security Risk-related activities; act as the main point of contact for Cyber Security Risk.
    • Effectively leverage HMSA Cyber Security vendors to align with HMSA's IAM and Cyber Security Risk Management strategy
    • Ensure IAM and Cyber Risk Management related projects are completed within scope, timelines, and budget.
    • Manage third party cyber risk management. Ensure policies and procedures are created followed. Track Corrective Action Planning. Ensure activities align with NIST requirements.
    • Provide oversight of user and system identities, and access to data and systems throughout the HMSA enterprise. This position leads the implementation and management of IAM best practice and identity governance for in-house, vendor, and hosted solutions.
  • Cyber Security Training and Awareness.
    • Create, maintain policies related to Cyber Security.
    • Prepare content and conduct training related to Cyber Security.
    • Conduct phishing exercises/campaigns and training related to phishing risks
    • Work with other teams such as privacy on training initiatives.
  • Personnel Management:
    • Provide leadership, manage, and coach cybersecurity unit staff in overall Information Security Program management. Provide management support including personnel, budget, and other administrative responsibilities, (i.e., mentoring, performance management, career planning and counseling, etc.).
    • Manage budget to ensure the organization's cyber security program is conducted in a cost conscious and financially responsible manner.
  • Perform all other miscellaneous responsibilities and duties as assigned or directed.


    • #LI-Hybrid

  • Bachelor's degree and five years of relevant IT experience; or an equivalent combination of education (including industry certifications) and relevant work experience.
  • Three year of supervisory/management experience.
  • Strong written and verbal communications skills.
  • Strong customer service skills.
  • Strong process and project management skills.
  • Intermediate working knowledge of Microsoft Office applications, including but not limited to Word, Excel, Outlook, and PowerPoint.
  • Strong knowledge of operating systems, architecture and various software and hardware products.
  • Good technical and troubleshooting skills.
  • Intermediate understanding and implementation capability of security best practices and technology and demonstrate proficiency in the application of established information security practices.

    • Similar Jobs