Share this Job

Information System Security Officer (ISSO)

Post Date:  Nov 10, 2022

Chicago, IL, US, 60604

Position Type:  Full Time
Requisition Number:  26795
Work Schedule:  Monday - Friday

Are you looking to find personal and professional fulfillment, and align your career with your values? 


At Gateway Foundation, our employees have an opportunity to make a difference every day by helping people with substance abuse issues gain control of their lives.


Gateway Foundation is a recognized non-profit leader in evidence-based treatment proven to get results. Our experts in Addiction Medicine—including highly educated clinical and medical professionals and expert psychiatrists and nurses—deliver care that never stops. Throughout Gateway’s proud history of helping others, dedicated and professional employees have been vital to accomplishing our life-saving mission. Read more about the incredible recognition that we recieved!


If you are a collaborative professional who shares our commitment to helping people with substance abuse and mental health issues turn their lives around – GATEWAY IS THE PLACE FOR YOU! 



Responsible for establishing and maintaining the enterprise security strategy and overall program to ensure information assets are adequately projected, and serves as the organization’s Information System Security Officer (ISSO).  Plans, directs and coordinates the management of information and technology resources and projects within a defined area of the IS department.  Manages the development, implementation and maintenance, and enforces organization-wide policies and procedures to ensure compliance with accreditation standards, applicable state and federal regulations, and Gateway overall objectives. Identifies problems and process improvements and works to develop appropriate


PRINCIPAL DUTIES AND RESPONSIBILITIES: (The following duties and responsibilities are all essential job functions, as defined by the ADA, except for those that begin with the word "May.")

  • Establishes and maintains the enterprise security strategy and overall program to ensure information assets are adequately protected.  Directs and coordinates the operations and activities for key areas of responsibility to ensure efficient and timely project completion and the effective use of staff and system resources.
  • Manages the development, implementation and maintenance of organization-wide policies and procedures related to systems access control, disaster recovery, incident reporting, and risk management needs using business applications.  Ensures compliance with accreditation standards, applicable privacy and security federal and state regulations, and Gateway objectives.  Advises managers of related policies and procedures, and elicits cooperation in adherence to same to facilitate the process.
  • Responsible for the Information Systems Security Architecture, including the selection, testing, deployment and maintenance of security hardware and software products, and outsourced arrangements; to ensure the security of business applications and implements strategies that comply with regulatory standards.  Identifies, selects and manages vendor relationships.
  • Performs initial and annual security risk assessments by conducting and coordinating onsite visits to identify gaps and ensure information systems are protected and meet regulatory requirements.  Works with managers, other Gateway staff and consultants to identify areas to improve and enhance efficacy and processes.
  • Analyzes and resolves system problems by regularly evaluating business processes, investigating and identifying methods to prevent computer security breaches and other technology issues.  Proactively pursues root causes for issues and service failures and communicates these issues and resolutions to the management team.
  • Assists the IS Director with the development of short and long range plans for investments in information technology to ensure alignment with organization objectives.  Develops goals, objectives, projects, and budgets for defined areas of responsibility; and establishes a system to prioritize the day to day tasks and assigned projects of the team. 
  • Develops project objectives, parameters, standards, timeframes, resource allocations and budgets.  Works collaboratively with others to lead projects, complete tasks associated with various projects and contribute expertise regarding; but not limited to, security related matters and compliance with regulatory requirements. 
  • Assists in the development, delivery and compliance monitoring of security awareness training provided to all Gateway staff, and other parties that may have systems access. 
  • Monitors and provides regular status reports and updates on progress of area projects and activities, and operations to senior management and end users to ensure on time and in budget completion. Including, but not limited to, potential security risk, overall security efforts and compliance with security measures.  Reports any deviations to management in a timely manner.
  • Keeps current regarding trends and developments, especially those pertaining to security compliance, and applicable laws and regulations, through reading of professional literature and attendance at appropriate seminars, conferences and workshops.
  • May travel to various treatment centers to assess security breaches and ensure appropriate procedures are followed; conduct risk assessments and/or attends meetings.



  • Bachelor’s degree required; prefer Health Information Management or a similiar field
  • Knowledge of information systems risk assessments, data security systems  and applicable and laws and regulations; and high level communication skills in order to present information effectively in person or in writing
  • Ability to plan, oversee and coordinate the organization’s security program; develop and implement policies and procedures; and serve as a professional resource regarding business applications and security risks; at a level normally acquired through five to seven years progressively more responsible, related experience in the information systems, health information management or project management field.
  • Advanced interpersonal skills necessary to maintain cooperative working relationships with multiple levels of Gateway staff, and state and government agencies; to respond to customer requests and develop effective solutions to identified problems.
  • Analytical abilities necessary to gather and evaluate quantitative and qualitative data; identify problem areas; and initiate effective corrective actions or responses to ensure Gateway compliance with accreditation and regulatory agencies.


PHYSICAL REQUIREMENTS: (The following statements describe the physical abilities required to perform the essential job functions, although exceptions may be made to these requirements based on the principle of reasonable accommodation.)

  • Ability to communicate effectively in person or by telephone in order to gather and exchange information.
  • Ability to lift and carry 5 to 20 pounds of files (desirable).
  • Proofreading and checking documents for accuracy on a continual basis (critical).
  • Ability to use a keyboard and video display terminal to enter, receive, and/or audit information and data.
  • Ability to respond to telephones, pages and speech.
  • Ability to travel to various program sites.



  • Reports to the Chief Information Officer (CIO).
  • May assign and follow-up on the work of others relating to the scope of work, and is directly responsible for the supervision of other employees.



  • Works in normal office and clinical environments where there are relatively few discomforts due to dust, dirt, noise and the like.
  • May be exposed to inclement weather when traveling to various locations.  Some exposure to hazards when driving, but potential for harm is limited if safe vehicle operation procedures are followed.


Competitive Compensation and Benefits: 


Gateway Foundation values its employees and provides an inclusive and diverse work environment where dedicated employees can make a difference. We are committed to engaging and rewarding our employees in meaningful ways. For eligible employees, we provide a Total Rewards Package that includes:

  • Health Insurance - Including a wellness premium incentive opportunity
  • Dental & Vision Insurance
  • Paid Time Off - Including 18 days of PTO and 9 paid holidays in the first year
  • Catastrophic Absence Time (CAT) - Accrue up to seven days annually, to be used during an extended personal illness
  • Flexible Spending Accounts 
  • Commuter Accounts
  • 403(b) Retirement Plan with company match 
  • Life and AD&D Insurance
  • Long-Term Disability (LTD)
  • Employee Assistance Program (EAP)
  • Gateway is a qualified employer for Public Service Loan Forgiveness (PSLF)
  • Tuition Reimbursement
  • Training & Development Programs


Gateway Foundation is an Equal Opportunity Employer: Race/Color/Sex/Sexual Orientation/ Gender Identity/Religion/National Origin/Disability/Vets. Please view Equal Employment Opportunity Posters provided by OFCCP here

Nearest Major Market: Chicago