More information about this job
To be part of our organization, every employee should understand and share in the YNHHS Vision, support our Mission, and live our Values. These values—integrity, patient-centered, respect, accountability, and compassion—must guide what we do, as individuals and professionals, every day.
Under the direction of the Health System Information Security Officer supports information security initiatives through continuous monitoring of the enterprise security status and participates in activities to assess compliance with internal policies and government regulations (e.g. HIPAA). The responsibilities include procurement, implementation, administration, monitoring and examination of security management tools needed to discover vulnerabilities and correlate incidents. This Position is also responsible for incident detection, investigation, mitigation, documentation, logging, and reporting.
- 1. Assists in understanding user requirements, and develops and recommends security hardware, software and tools solutions to satisfy the requirements.
- 2. Provides skilled technical development of security architecture, design, planning, implementation and support.
- 3. Develops and maintains corporate-wide communications standards and procedures.
- 4. Discovers, reports, and resolves information security environment problems.
- 5. Evaluates feasibility of new hardware, software and tools as they become available.
- 6. Tests, evaluates and installs new hardware, software and tools as they relate to the corporate information security program.
- 7. Responsible for implementing operational security frameworks for existing and new computing services, programs, and applications.
- 8. Provides quality assurance of systems by ensuring successful implementation and maintenance of information security tools as defined in IS&T Security Policies.
- 9. Supports and continuously monitors and reports on all information security vulnerabilities and incidents.
- 10. Creates and maintains documentation.
- 11. Perform daily operations and provides scheduled reporting on detected security incidents, trends, and current state of information security.
- 12. Reviews results from internal active network penetration tests to ensure mitigation of vulnerabilities in information systems.
- 13. Assist with information security impact to server, client, and application upgrades and installations where appropriate.
- 14. Responds to information security inquiries.
- 15. Participates in application information security reviews and assessments.
- 16. Supports the Lead Information Security Specialist in performing monthly security, reviews and in preparing monthly, quarterly, annual, and ad-hoc status reports.
- 17. Works well within a team of Information Security specialists and analysts.
- 18. Provide operational metrics to continually assess information security, for policy and regulatory compliance and generates reports.
For Immediate Placement - Andrew Raynor Dover New Hampshire