Senior Information Security Analyst, Smcs

Sutter Health Roseville , CA 95661

Posted 2 months ago

The Senior Information Security Analyst possesses superior problem-solving skills and significant experience in leading cross-funtional teams to ensure security policies, procedures, standards, and best practices are effectively in place. The Sr Analyst provides information security support and guidance to Sutter Health privacy and security leadership, affiliates, and operating unit security program, reports to the Affiliate Information Security Officer (ISO), is a hands-on leader in the day-to-day security program administration, and represents the information security office, conducting audits, assessments, investigations, training, and program operational duties. In addition, the Sr Analyst works with Information Services, business, and clinical operations to identify and recommend solutions on security-related issues, and provides senior-level expertise and hands-on security administration of a broad range of security duties and requires a high level of security experience. The Sr Analyst has duties and responsibilities that include, but are not limited to, oversight of design, engineering, analysis, research, testing and monitoring of security controls. The Sr Analyst also serves as the senior advisor to the affiliate ISO and Organizational Unit (OU) Deputy Chief Information Security Officer (DCISO), as well as various other leaders and teams.

Education

Bachelors degree in Computer Science, Information Security, Business, Management, or related field required.

Masters degree in Computer Science, Information Security, Business, Management, or related field preferred.

Certified Information Systems Security Professional (CISSP) required within 12 months of hire. Security HealthCare Information Security and Privacy Practitioner (HCISPP) required.

Certified Ethical Hacker (CEH) preferred.

Experience/Knowledge/Skills

  • Senior work experience in information systems and information security as typically acquired in 15 years

  • Five years of healthcare information technology industry experience highly desired

  • Significant knowledge of information security concepts and current information security trends and practices including security processes and methods.

  • Must be an expert in security concepts, practices, and procedures

  • Significant knowledge of software, hardware, databases, networks, firewalls, encryption, and other system security devices

  • Must have the ability to provide effort estimation and complete work based on a schedule of activities in coordination with delivery leader

  • Experience with DNS, DHCP, TCP/IP, Active Directory, network topologies, and intrusion detection systems to enable incident response and investigations.

  • Well-versed in Active Directory support tools including able to use LDAP tools and interfaces

  • Superior knowledge of SQL technologies and database architectures

  • Extensive experience with security tools in the industry

  • Demonstrates exceptional quantitative, analytical, and conceptual thinking skills

  • Strong skills in planning, administration, and management of information systems, operational and technical security controls, and security risk analysis and management

  • Extensive knowledge of federal and state security and privacy-related regulatory requirements

  • Extensive knowledge regarding NIST, HIPAA, FIPS, and other recognized industry security standards and best practices

  • Excellent written and verbal communication skills

  • Strong interpersonal and customer support skills

  • Strong organizational and problem-solving skills

  • Prioritize work while multi-tasking on assigned work

  • Ability to effectively leverage vast detailed knowledge and familiarity with security disciplines

  • Possess ability to identify key concepts, factors and risks based on conversations and document them in clear and concise narrative or graphic reports

  • Must possess expertise in developing long-term strategies to address security threats

  • Must work well within a time-sensitive environment

  • Ability to work alone as well as in a group, under pressure

  • Excellent ability to analyze, make decisions, and solve problems

  • Good leadership qualities to instruct and lead junior analysts

  • Able to train others on various system security threat mitigations

  • Maintains a passion for delighting customers

  • Proven history of executing business impacting projects with defined scope, deliverables and timelines

  • Strong diagnostic capabilities

  • Proven security analytics and/or extensive data analytics experience

See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Project Manager Privacy & Information Security

Sutter Health

Posted 2 weeks ago

VIEW JOBS 10/31/2018 12:00:00 AM 2019-01-29T00:00 The Privacy and Information Security Project Manager (Manager) works directly for the Senior Regulatory Privacy and Information Security Analyst Lead and collaborates with the Chief Privacy and Information Security Officer, Deputy Chief Privacy Officer, Deputy Chief Information Security Officers, affiliate Privacy and Information Security Officers, Privacy and Information Security by Design Officers, and other privacy and security team members to assure compliance with federal and state privacy and security regulations, including HIPAA, HITECH, CMIA, other state privacy and security laws, and the organization's privacy policies and procedures. The Manager is responsible for planning, executing, and overseeing a variety of projects, including regulatory, investigative, work plan, and education-based projects. The Manager will assist in the oversight, management, and implementation of Privacy and Information Security Department initiatives and projects, and is responsible for project communication and coordination between privacy and information security team members, departments, divisions, affiliates, and internal and external stakeholders. The Manager also assists with the development and maintenance of project plans and is responsible for tracking progress and anticipating and resolving project delays. The Manager will facilitate meetings, prepare timeline reports on the progress and status of project milestones, organize the project, its participants, stakeholders, and deliverables, and manage approved projects that have varying level of complexity in nature from conception through completion to include scope, time, and cost. The Manager may also be assigned to manage approved projects that are less complex in nature from conception through completion with the support and direction of a functional manager and/or lead. Education Associates is required, or equivalent combination of experience Business Administration, Computer Science, Health Information Management or related field is required or equivalent combination of experience Experience * Proven experience as a project manager, assisting in the implementation of strategic privacy and information security programs and initiatives, as typically acquired during 3 to 5 years in a similar position * Significant experience in privacy, information security, compliance, or other related healthcare field * Previous experience in a healthcare company with knowledge of existing and emerging federal and state requirements related to privacy and security of health information * Proven experience working with various stakeholders towards successful development and implementation of projects Knowledge * Significant knowledge of project management methodologies * Thorough knowledge of personal computers and relevant applications used in all stages of project management * Extensive knowledge of health information privacy laws, regulations, industry standards and best practices * General knowledge of project management software, such as Microsoft Project Understanding of the continuous process to safeguard protected health information and business information assets Skills * Must be a hands-on contributor to ensure timely deliverables of Privacy and Information Security Department projects * Proven aptitude in managing projects and working with groups with divergent views * Demonstrated ability to influence individuals working on a project without direct control and/or authority * Proven ability to maintain a high level of confidentiality * Demonstrated ability to complete projects in a timely manner with little supervision or direction * Demonstrated ability to set priorities and to respond to changing demands from multiple sources in a fast-paced environment * Proven ability to follow through, meet deadlines, anticipate requirements, and build relationships * Comfort level with internal systems and demonstrated ability to learn new systems * Excellent time management and organizational skills * Demonstrated background in written/verbal communication with the ability to develop educational and informational presentations * Extensive PC skills including the proven ability to use Outlook, Word, Excel, PowerPoint, project management, and similar system to perform analysis, track project progression, develop projections, and submit performance graphics * Proven ability to multi-task and function within established time frames for deadlines * Strong team-building orientation, demonstrated communication skills with leadership and executive staff, and the ability to develop and foster relationships at all levels throughout the organization Sutter Health Roseville CA

Senior Information Security Analyst, Smcs

Sutter Health