Support The George Washington University Medical Faculty Associates (GW MFA) by identifying, assessing, and mitigating risks to data, systems, and technology environments
Conduct comprehensive security and third-party risk assessments to ensure initiatives align with MFA policies, standards, and regulatory requirements
Identify risks and recommend remediation strategies using risk-based prioritization, mitigating controls, and continuous improvement methodologies
Evaluate, develop, and recommend information security assessment tools, processes, and techniques
Develop and deliver HIPAA security training and awareness programs
Collaborate with internal stakeholders to identify, track, manage, and report security risks
Build, enhance, and support security operations capabilities, including monitoring and response
Develop, implement, and maintain security policies, standards, and procedures to support enterprise-wide risk mitigation
Contribute to and maintain best practices, methodologies, documentation, and templates
Support and coordinate compliance-focused programs and initiatives across the organization
Mentor and support team members on information security practices and standards
Support environments that include hybrid on-premises infrastructure, cloud platforms, and SaaS solutions
Participate in a 24x7 on-call rotation for Information Security
Perform other duties as assigned that are consistent with the role and organizational needs

Requirements

Bachelor’s degree in Computer Science, Information Security, or a related field preferred
Equivalent combination of education and relevant experience will be considered
Certifications (Preferred) CISSP CISM CISA SANS certifications Security+
Working knowledge of HIPAA Security Rule, NIST Cybersecurity Framework, and PCI requirements
Understanding of information security frameworks and industry best practices
Experience supporting enterprise security operations
Experience working in virtualized and cloud environments
Familiarity with Electronic Health Record (EHR) systems, PACS, and connected medical devices
Hands-on experience implementing, operating, and maintaining security tools and technologies
Ability to independently manage security assessments and security-related projects
Change management and project management experience preferred

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

risk assessmentsecurity operationssecurity policiessecurity toolssecurity frameworkscloud environmentsdata mitigationcompliance managementproject managementchange management

Soft Skills

collaborationmentoringcommunicationproblem-solvingindependent managementcontinuous improvementtraining developmentstakeholder managementreportingteam support

Certifications

CISSPCISMCISASANS certificationsSecurity+