Job Information
Hackensack Meridian Health Information Security Analyst IV, Security Operations in Edison, New Jersey
Information Security Analyst IV, Security Operations
HMH HOSPITALS CORPORATION Edison Requisition #2023-129567 ShiftDay StatusFull Time with Benefits Weekend WorkWeekends as Needed HolidaysAs Needed On CallOn-Call Commitment Required Shift HoursVaries Address499 Thornall Street, Edison, 08837
Apply (https://careers-hackensackmeridianhealth.icims.com/jobs/129567/login) Save Job Job Saved View Saved
Overview
Our team members are the heart of what makes us better.
At Hackensack Meridian Health we help our patients live better, healthier lives — and we help one another to succeed. With a culture rooted in connection and collaboration, our employees are team members. Here, competitive benefits are just the beginning. It’s also about how we support one another and how we show up for our community.
Together, we keep getting better - advancing our mission to transform healthcare and serve as a leader of positive change.
TheInformation Security Analyst IV -- Security Operationsis responsible for maintaining the security and integrity of Hackensack Meridian Health (HMH) data, leveraging an in-depth understanding of cyber security threats, technologies, and countermeasures to ensure secure computer systems. Knowledge and experience with technology security issues across all platforms and across all business units to include networking, applications, Identity and Access Management, Operating systems, Cloud services, Email gateway, Privileged Access Management, Vulnerability management, Database Security, Data Loss Prevention, Endpoint Security and Software Development. Assists in safeguarding information system assets, data and all security risks. Assists in researching security controls, vulnerabilities, enterprise and cloud risks, and develops effective strategies and control measures to mitigate all security risks. Assists in reducing security threats by examining infrastructure, devices, processes, procedures and identifying security flaws, threat vectors, and using control analysis to follow up with a prompt solution. This is a mid-level technology-oriented position protecting the confidentiality, integrity, and availability of information systems and data of employees, partners, and patients.
This role is primarily remote with a requirement to come onsite no more than 4x per year
Responsibilities
A day in the life of aInformation Security Analyst IV -- Security Operationsat Hackensack Meridian Health includes:
Demonstrate an in-depth understanding of business processes and risk management in areas such as cyber security, cloud security, cloud governance and compliance, DevOps, cloud data protection, cloud monitoring and incident response, enterprise security architecture, and technology risk management, and others.
Oversee planning, design, implementation, testing, and operation of cyber security tools, processes, and systems.
Identify opportunities to mature processes, deepen engagement with partners, and mature control health across the IT ecosystem.
Advise the leadership team on the appropriate administration of information security standards, assisting them in developing plans within their business units to manage these risks effectively by understanding the fundamental aspects of their business objectives.
Advanced knowledge of security architecture technology solutions such as firewalls, intrusion prevention systems, Security Information and Event Management (SIEM), vulnerability scanning and management, anti-virus management, certificate management, and data loss prevention (DLP).
Responsible for executing processes within all activities within the security incident response lifecycle. These activities include detection, triage, analysis, containment, recovery, and reporting.
Remediate security risks and exposures, assists in determining the causes of security violations.
Keep abreast of emerging threats, patterns, and trends in healthcare information security, privacy, and compliance.
Advanced skills and hands-on experience in the security domains as defined by the NIST Cyber Security Framework (CSF).
Administer security software or systems to prevent attacks, monitor and audit systems and protect against network breaches.
Maintain relationships with management and vendors to develop and implement new solutions to meet business requirements. Lead reviews for proposed new systems, networks, and software designs for potential security risks; implement mitigation or countermeasures and resolve integration issues related to the implementation of new systems within the existing infrastructure.
Monitor information security trends, standards, and practices to assist in identifying areas that lack the appropriate security controls and make the necessary recommendations.
Install, implement, administer, monitor, and maintain security architecture technology solutions with limited oversight.
Monitor network, systems, and logs for events that could negatively impact the confidentiality, integrity, or availability of HMH systems and data. Investigate and respond to all potential incidents in accordance with prescribed procedures.
Research, evaluate and recommend information-security related hardware and software to maintain a strong security posture, including developing business cases for security investments.
Other duties and/or projects as assigned.
Adheres to HMH Organizational competencies and standards of behavior.
Qualifications
Education, Knowledge, Skills and Abilities Required:
Bachelor's degree in IT, Computer Science, Management Information Systems, or equivalent degree. Work experience may be substituted.
Minimum of 10 years of general IT experience with at least 8 years' of that experience in IT security.
Minimum of 8 years' experience in an environment that has adopted a common security framework (CSF).
Experience with security tools such IPS, SIEM, Web Secure Gateway, Email Gateway, DLP, Firewalls (network and application), Malware Protection, MDM, Forensic Tools, etc.
Experience with translating technical concepts into business and capability terminology.
Exceptional collaboration ability; experience as an intermediate-level negotiator.
Ability to interact effectively with organizational senior leadership when needed.
Demonstrated effective verbal and written communication and presentation skills.
Ability to travel to other HMH locations as needed.
Education, Knowledge, Skills and Abilities Preferred:
Proficient understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, and PCI.
Strong knowledge of healthcare environments.
In-depth understanding of Information Security practices for the network, servers, databases, applications, and advanced use of Information Security assessment techniques.
Broad understanding of Public Key Infrastructure (PKI), encryption, network security controls tools and functionalities.
Licenses and Certifications Required:
Certified in at least one of the following: a. Certified Information Systems Security Professional (CISSP) b. Certified Information Systems Auditor (CISA) c. Certified Security+ | CompTIA d. Global Information Assurance Certification (GIAC) e. Or other related IT security certification
Licenses and Certifications Preferred:
Certified in at least one of the following: a. Risk and Information Systems Control (CRISC) b. Governance of Enterprise IT (CGEIT) c. Or related IT certification
If you feel that the above description speaks directly to your strengths and capabilities, then please apply today!
Our Network
Hackensack MeridianHealth(HMH) is a Mandatory COVID-19 and Influenza Vaccination Facility
As a courtesy to assist you in your job search, we would like to send your resume to other areas of our Hackensack Meridian Health network who may have current openings that fit your skills and experience.
Apply (https://careers-hackensackmeridianhealth.icims.com/jobs/129567/login)
Learn about
this locationView Map
Share this job
Facebook
Twitter
LinkedIn
Email
Recently Viewed Jobs
No recently viewed jobs