Address
Form of workWhere compassion meets innovation and technology and our employees are family.
Thank you for your interest in joining our team! Please review the job information below.
General Purpose of Job:
Ensure the confidentiality, integrity and availability of Driscoll Health System information systems and assets. Participates in ongoing enforcement and monitoring activities related to security and privacy in compliance with organizational policy, regulatory requirements, federal and state laws, accreditation standards, and industry standards.
Essential Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This job description is not intended to be all-inclusive; employees will perform other reasonably related business duties as assigned by the immediate supervisor and/or hospital administration as required.
Education and/or Experience:
Bachelor's degree (B. A.) from four-year college or university; or one to two years related experience and/or training; or equivalent combination of education and experience.
Incumbents typically have 5-8 years' professional experience in Information Systems including 4-8 years in Information Systems Security.
Certificates, Licenses, Registrations.
Thank you for your interest in joining our team! Please review the job information below.
General Purpose of Job:
Ensure the confidentiality, integrity and availability of Driscoll Health System information systems and assets. Participates in ongoing enforcement and monitoring activities related to security and privacy in compliance with organizational policy, regulatory requirements, federal and state laws, accreditation standards, and industry standards.
Essential Duties and Responsibilities:
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. This job description is not intended to be all-inclusive; employees will perform other reasonably related business duties as assigned by the immediate supervisor and/or hospital administration as required.
- Assist with planning, implementation, and maintenance of comprehensive enterprise-wide Information Security policies, strategies, and systems that protect the organization information systems in accordance with applicable laws, regulatory requirements, and industry standards.
- Plan, implement, troubleshoot, and maintain the necessary technical systems, controls, policies, or procedures to protect information systems assets and data from intentional or inadvertent disruption, modification, disclosure, or destruction.
- Awareness training of the workforce on information security standards, policies, and best practices
- Installation and use of firewalls, data encryption and other security products and procedures
- Conduct periodic network scans to find any vulnerability.
- Conduct penetration testing, simulating an attack on the system to find exploitable weaknesses.
- Monitor networks and systems for security breaches, using software that detects intrusions and anomalous system behavior.
- Investigate security breaches or incidents.
- Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
- Implement enterprise-class security systems for a production environment.
- Align standards, frameworks and security with overall business and technology strategy.
- Identify and communicate current and emerging security threats.
- Implement security architecture elements to mitigate threats as they emerge.
- Maintain relevant knowledge and skills of the following:
- All systems required to implement, support, or maintain.
- Regulatory and legal compliance requirements applicable by federal, state, and local law.
- Advancements in information security, information systems technologies, and standards.
- Adheres to hospital policies and procedures and demonstrates business practices and personal actions that are ethical and adhere to corporate compliance and integrity guidelines always maintaining utmost level of confidentiality.
- Communicate or collaborate with external technology representatives, vendors, and support staff.
- Communicate or collaborate with hospital staff, managers, and administration.
- Performs the full range of assigned tasks, under minimum supervision, while exercising discretion and independent judgment within established guidelines.
- Reports to the assigned Manager in the Information Security & Controls Department.
- Performs other related work assignments as required.
Education and/or Experience:
Bachelor's degree (B. A.) from four-year college or university; or one to two years related experience and/or training; or equivalent combination of education and experience.
Incumbents typically have 5-8 years' professional experience in Information Systems including 4-8 years in Information Systems Security.
Certificates, Licenses, Registrations.
- Certified Information Security Systems Professional (ISC2 - CISSP)
