Job Details

Information Security Officer

Oregon Health Authority, Salem, OR

Job - Government

Close Date: 12/31/2018

The Oregon Health Authority is modernizing and expanding their IT infrastructure and currently has a fantastic opportunity for an experienced Information Security Officer to join an excellent team and work to advance their IT operations.

The Oregon Health Authority promotes health equity by developing policies and programs to eliminate health disparities and reach health equity for all Oregonians.

What you will do!
As an Information Security Officer, you will be part of the Information Security and Privacy Office (ISPO) of the Oregon Health Authority (OHA) and will work under the direction of the Chief Information Risk Officer.

In this role, you will provide leadership, management and expertise on all aspects of information security serving as a subject matter expert. You will be responsible for information security advisory services, information exchange (3rd party management) and information security risk assessments. You will also manage vulnerability assessments and incident management.

Your responsibilities will include:
1. Developing and implementing the organization's information security policies, process and plans.
2. Developing and maintaining the information security team to include internal processes and practices.
3. Identifying training requirements.
4. Reviewing legislation within an information security nexus and providing subject matter expert feedback.
5. Leading and managing information security staff and resources.
6. Backfilling the role of Chief Information Risk Officer in his/her absence.
7. Identifying and implementing solutions to organizational information security threats and vulnerabilities.
8. Leading projects related to information security.
9. Remaining current on information security trends, threats and vulnerabilities.
10. Collaborating with the Enterprise Security Office to ensure that the ISPO's alignment with their processes, policies and plans.

Additionally, you will work with all levels of management and within agencies and serve as a key point of contact with internal and external customers on all issues pertaining to information security. You may lead teams for projects as well as participate in initiatives for ISPO and other committees as needed.

What's in it for you?
Collaboration in an open office with a team of bright individuals to work with and learn from. We offer full medical, vision and dental with paid sick leave, vacation, personal leave and ten paid holidays per year. If you are an experienced Information Security Officer, don't delay, apply today!

This is a full-time, permanent position that is classified as management services, supervisory and is not represented by a union.

This position will be located in Salem at 3991 Fairview Industrial Drive SE.

Six years of experience in supervision, staff-technical, or professional-level work. Two years of this experience must have included supervision and management of a program, section, or unit which included: a) development of program rules and policies, b) development of long- and short-range goals and plans, c) program evaluation, and d) budget preparation.


Six years of experience in supervision, staff-technical, or professional-level work. Two years of this experience must have included program/project leader responsibility involving one or more of the following areas: a) development of program rules and policies, b) development of long- and short-range goals and plans, c) program evaluation and/or project evaluation, or d) monitoring and controlling or preparing a budget.

• Successful completion of Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) is required OR must be obtained within 12 months of hire.
• Strong working knowledge of management strategies and techniques.
• Ability to lead information security technical and program professionals.
• Broad-based knowledge of programs related to government agencies.
• Experience working under federal, state and agency laws and guidelines pertaining to information security and the protection of unauthorized disclosure of regulated or otherwise protected information.
• Ability to translate technical issues and concepts into non-technical language understandable by all levels of management and customers.
• Ability to build and maintain professional and harmonious relationships including work adjustment and adaptability, cooperativeness, loyalty and teamwork.
• Project Management experience and/or related training or education.
• Knowledge of and experience with data governance and the management of regulated data.
• Excellent written and verbal communication and presentation skills.
• Experience working with diverse groups with varying priorities and goals and moving these groups toward consensus.

Complete details: