Hackensack Meridian Health Information Security Analyst III -- Security Operations in Edison, New Jersey
Information Security Analyst III -- Security Operations
HMH HOSPITALS CORPORATION Edison Requisition #2022-117720 ShiftDay StatusFull Time with Benefits Weekend WorkWeekends as Needed HolidaysAs Needed On CallOn-Call Commitment Required Shift Hours8:30 a.m. - 5:00 p.m. Address499 Thornall Street, Edison, 08837
Apply (https://careers-hackensackmeridianhealth.icims.com/jobs/117720/login) Save Job Job Saved View Saved
How haveYOUimpacted someone's life today? AtHackensack Meridian Healthour teams are focused on changing the lives of our patients by providing the highest level of care each and every day. From our hospitals, rehab centers and occupational health teams to our long-term care centers and at-home care capabilities, our complete spectrum of services will allow you to apply your skills in multiple settings while building your career, all within New Jersey's premier healthcare system.
TheInformation Security Analyst III -- Security Operationsis responsible for maintaining the security and integrity of Hackensack Meridian Health (HMH) data, leveraging an in-depth understanding of cyber security threats, technologies, and countermeasures to ensure secure computer systems. Knowledge and experience with technology security issues across all platforms and across all business units to include networking, applications, Identity and Access Management, Operating systems, Cloud services, Email gateway, Privileged Access Management, Vulnerability management, Database Security, Data Loss Prevention, Endpoint Security and Software Development. Assists in safeguarding information system assets, data and all security risks. Assists in researching security controls, vulnerabilities, enterprise and cloud risks, and develops effective strategies and control measures to mitigate all security risks. Assists in reducing security threats by examining infrastructure, devices, processes, procedures and identifying security flaws, threat vectors, and using control analysis to follow up with a prompt solution. This is a mid-level technology-oriented position protecting the confidentiality, integrity, and availability of information systems and data of employees, partners, and patients.
A Day in the life of aInformation Security Analyst III -- Security Operationsat Hackensack Meridian Health includes:
Demonstrate an in-depth understanding of business processes and risk management in areas such as cyber security, cloud security, cloud governance and compliance, DevOps, cloud data protection, cloud monitoring and incident response, enterprise security architecture, and technology risk management, and others.
Oversee planning, design, implementation, testing, and operation of cyber security tools, processes, and systems.
Identify and evaluate complex business and technology risks and remediation methods to mitigate risks.
Advanced knowledge of security architecture technology solutions such as firewalls, intrusion prevention systems, Security Information and Event Management (SIEM), vulnerability scanning and management, anti-virus management, certificate management, and data loss prevention (DLP).
Responsible for executing processes within all activities within the security incident response lifecycle. These activities include detection, triage, analysis, containment, recovery, and reporting.
Remediate security risks and exposures, assists in determining the causes of security violations.
Keep abreast of emerging threats, patterns, and trends in healthcare information security, privacy, and compliance.
Advanced skills and hands-on experience in the security domains as defined by the NIST Cyber Security Framework (CSF).
Administer security software or systems to prevent attacks, monitor and audit systems and protect against network breaches.
Manage relationships with management and vendors to develop and implement new solutions to meet business requirements. Assist in reviewing proposed new systems, networks, and software designs for potential security risks; implement mitigation or countermeasures and resolve integration issues related to the implementation of new systems within the existing infrastructure.
Monitor information security trends, standards, and practices to assist in identifying areas that lack the appropriate security controls and make the necessary recommendations.
Install, implement, administer, monitor, and maintain security architecture technology solutions with limited supervision.
Monitor network, systems, and logs for events that could negatively impact the confidentiality, integrity, or availability of HMH systems and data. Investigate and respond to all potential incidents in accordance with prescribed procedures.
Research, evaluate and recommend information-security related hardware and software to maintain a strong security posture, including developing business cases for security investments.
Other duties and/or projects as assigned.
Adheres to HMH Organizational competencies and standards of behavior.
Education, Knowledge, Skills and Abilities Required:
Bachelor's degree in IT, Computer Science, Management Information Systems, or equivalent degree. Work experience may be substituted.
Minimum of 7 years of general IT experience with at least 5 years' of that experience in IT security.
Minimum of 5 years' experience in an environment that has adopted a common security framework (CSF).
Experience with security tools such IPS, SIEM, Web Secure Gateway, Email Gateway, DLP, Firewalls (network and application), Malware Protection, MDM, Forensic Tools, etc.
Demonstrated experience translating technical concepts into business and capability terminology.
Exceptional collaboration ability; experience as an intermediate-level negotiator.
Experience to interact effectively with organizational senior leadership.
Demonstrated effective verbal and written communication and presentation skills.
Ability to travel to other HMH locations as needed.
Education, Knowledge, Skills and Abilities Preferred:
Proficient understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, and PCI.
Strong knowledge of healthcare environments.
In-depth understanding of Information Security practices for the network, servers, databases, applications, and advanced use of Information Security assessment techniques.
Broad understanding of Public Key Infrastructure (PKI), encryption, network security controls tools and functionalities.
Licenses and Certifications Required:
Certified in at least one of the following at hire or must obtain within 1 year of hire:
a. Certified Information Systems Security Professional (CISSP)
b. Certified Information Systems Auditor (CISA)
c. Certified Security+ | CompTIA
d. Global Information Assurance Certification (GIAC)
e. Or other related IT security certification
Licenses and Certifications Preferred:
Certified in at least one of the following:
a. Risk and Information Systems Control (CRISC)
b. Governance of Enterprise IT (CGEIT)
c. Or related IT certification
If you feel that the above description speaks directly to your strengths and capabilities, then please apply today!
Hackensack MeridianHealth(HMH) is a Mandatory COVID-19 and Influenza Vaccination Facility
As a courtesy to assist you in your job search, we would like to send your resume to other areas of our Hackensack Meridian Health network who may have current openings that fit your skills and experience.
this locationView Map
Share this job
Recently Viewed Jobs
No recently viewed jobs