GENERAL SUMMARY AND SCOPE
The Information Security Analyst, under the direction of the Senior Information Security Analyst, monitors the infrastructure (software, hardware, networks), investigates unusual activity, and provides remediation. This position is responsible for monitoring for, assessing, and responding to security related incidents. Test for compliance with security policies and procedures, as well as assist in the creation, implementation, and/or management of information security policies and solutions.
This position is subject to call in by stand-by staff.
ACE OF HEARTS PLEDGE
The employee will demonstrate the ACE of Hearts Pledge, which involves being an accountable and collaborative team member; treating patients, families, and co-workers with dignity and respect; and ensuring that empathy and compassion are the basis for interactions with all those served.
ESSENTIAL TASKS, DUTIES, AND RESPONSIBILITIES
Clearly communicate Information Security matters to auditors, end users, and staff, using appropriate language, examples, and tone.
Works with Information Services teams in securing application stack including least privilege credential usage, micro-segmentation utilizing host based firewalls, and disabling unneeded services.
Works with Service Desk team to implement a secure corporate desktop image which includes least privilege, application whitelisting, and micro-segmentation utilizing host based firewalls.
Aids with monitoring of end point devices and centralized log collection.
Maintains security policies for accessing resources based on industry good practice and organizational requirements.
Continuously monitor status and effectiveness of technical, physical and administrative controls across Firelands Health System, ensuring key risk indicators are effectively monitored to prevent unacceptable impact on organizational objectives and reputation.
Works with Senior Information Security Analyst to address key findings in quarterly security scans and annual penetration test reports.
Provides technical assistance, training, and ongoing support to fellow Information Services staff, and users of the FRMC network.
OTHER TASKS, DUTIES, AND RESPONSIBILITIES
Stay abreast of developments in the fields of Information Security and Healthcare including applicable regulatory requirements and guidance such as NIST, FDA guidance, HIPAA, PCI, ARRA programs, etc. Review job-related publications including those by HIMSS and US-CERT, and broaden knowledge of various tasks through orientation by others.
Participate in department performance improvement and change management activities as assigned, and attend required training. Demonstrate service excellence and ACE.
Willing to work overtime and/or a non-standard work schedule, and perform other duties as required.
KNOWLEDGE SKILLS AND ABILITIES
Bachelor’s Degree in Information Systems, Cybersecurity, Computer Science or related discipline, or 4 or more years of equivalent career experience.
Demonstrates ability to clearly communicate Information Security matters to auditors, end users, and staff, using appropriate language, examples and tone in written and verbal forms.
Working knowledge of information systems security standards and practices (e.g., access control and system hardening, system audit and log file monitoring, security policies, and incident handling)
“Hands on” security knowledge of Firelands Health System relevant platforms
Strong analytical, technical, documentation and problem solving skills
Working knowledge of Healthcare IT relevant protocols and technologies
Ability to interpret information security data and processes to identify potential compliance issues
Ability to review and quickly understand proposed systems in order to identify and validate security requirements
Excellent interpersonal, organizational and technical writing skills
Ability to be a self-starter who is accountable, requires minimal supervision and is open to new ideas
Excellent teamwork skills and continuous learning to stay current with threats, prevention, and detection capabilities used in corporate environments
Punctual attendance at assigned work location is required.
Demonstrates ability and willingness to generate and maintain necessary documentation.
Demonstrates ability to work in a safe and efficient manner and maintain an accident-free work place. Demonstrates compliance with Medical Center and departmental policies and procedures, and a working knowledge of Medical Center emergency codes.
Demonstrates compliance with applicable OSHA regulations and CDC standard and transmission-based precaution recommendations and the ability to utilize proper personal protective equipment. Demonstrates compliance with provisions of applicable S.D.S. forms
Must possess a valid State of Ohio motor vehicle operator’s license and be insurable under Firelands’ auto policy. Employee must provide proof of personal automobile liability insurance coverage upon request.
Successful completion of a one hundred eighty (180) day get-acquainted period.
Location/Region: Sandusky, OH (US)