Intermountain Healthcare Information Systems Security Analyst - Staff or Associate in Salt Lake City, Utah
Greater Salt Lake area
What does it mean to be a part of Intermountain Healthcare? It means that the quest for clinical excellence is not just a goal, but a given. It means building an environment where physicians and employees can deliver the best in healthcare. And it’s realizing each employee or volunteer is vital to the healing process, because we can only achieve theextraordinary together .
Being a part of Intermountain Healthcare means joining with a world-class team of over 36,000 employees and embarking on a career filled with opportunities, strength, innovation, and fulfillment. Our mission is: Helping people live the healthiest lives possible.
Our patients deserve the best in healthcare, and we deliver.
The I.S. Security Analyst is responsible for providing analysis and support for the development, implementation, and maintenance of Intermountain's I.S. Security & Assurance (ISSA), I.S. Security policies, procedures, guidelines, processes, technologies, and solutions ensuring the confidentiality, availability and integrity of Intermountain's electronic information and information systems infrastructure, with an emphasis on the security management of medical devices. Assists in the operational analysis and support of the prevention, detection and response to I.S security threats, vulnerabilities, and incidents. Fully functioning, journey-level professional experienced in most aspects of information systems/security technologies and systems. Incumbent's ability encompasses broad knowledge required within information security and information systems. Incumbents work experience and knowledge includes security or operational management of medical devices and associated clinical systems. Typically implements designs or approaches developed by others. Functions independently and produces results that meet standards of quality, timeliness and acceptability with minimal supervision and general direction.
NOTE: We will hire at staff or associate level based on qualifications.
Essential Job Duties
- 1. Participates in the planning and design of enterprise security architecture under the direction of the Consultant/Senior I.S. Security Analyst, or Team Lead, where appropriate.
- 2. Participates in the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Consultant/Senior I.S. Security Analyst, or Team Lead, where appropriate.
- 3. Participates in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the Consultant/Senior I.S. Security Analyst, or Team Lead, where appropriate.
- 4. Maintains up-to-date general knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
- 5. Recommends additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
- 6. Performs the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating procedures generically and the enterprise's security documents specifically.
- 7. Maintains up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.).
- 8. Maintains operational configurations of all in-place security solutions as per the established baselines.
- 9. Monitors all in-place security solutions for efficient and appropriate operations.
- 10. Reviews logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interprets the implications of that activity and devise plans for appropriate resolution.
- 11. Participates in the design and execution of vulnerability assessments, penetration tests, and security audits.
- 12. Participates in incident investigations into suspicious or problematic activity.
- 13. Provides on-call support for end users for all in-place security solutions.
Minimum Requirements (Associate level)
- Bachelor's degree in Computer Science, Information Systems or technology related field. Degree must be obtained through an accredited institution. Education is verified.
- One year of experience in information systems/security technologies and systems.
- Demonstrated understanding of I.S. security methods and techniques of information systems.
Minimum Requirements (Staff level)
- Bachelor's degree in Computer Science, Information Systems, or technology related field. Degree must be obtained through an accredited institution. Education is verified.
- Three years of related experience in information systems/security technologies and systems.
- Demonstrated understanding of the 10 Information System Security domains in the Common Body of Knowledge for CISSP.
- Demonstrated understanding of I.S. security methods and techniques of information systems
- Benefits Eligible: Yes
- Shift Details: full time, exempt
- Department: Data Security
- Office location: Salt Lake City, Utah
- Additional Details: List any other position Details desired
- Interact with others requiring the employee to communicate information.
- Operate computers and other IT equipment requiring the ability to move fingers and hands.
- See and read computer monitors and documents.
- Remain sitting or standing for long periods of time to perform work on a computer, telephone, or other equipment.
- Be actively pursuing or currently possess CISA or CISSP industry certification
- Possess related IT Security industry certification.
- Five years of related experience in information systems / security technologies and systems.
- One year of related experience supporting/managing medical devices, clinical support systems; or performing security management functions for medical devices, clinical support systems.
- Demonstrated understanding of information security related regulations (e.g. HIPAA/HITECH I.S. Security and Privacy regulations, and the I.S. Security aspects of other regulations including: PCI DSS, SOX (MAR FRC), FRCP, JCAHO and JCAHO Alert 42, GLBA, State Breach, FERPA, and FCRA, etc.
- Demonstrated understanding of I.S. security vulnerability assessment tools and techniques.
- Demonstrated strong analysis and attention to detail, problem resolution, judgment, and decision-making skills.
- Demonstrated ability to effectively prioritize and execute tasks in a high-pressure environment.
- Demonstrated effective leadership and communication skills.
- Demonstrated presentation skills and the ability to work well with others.
- Results oriented, self-motivated, and self-directed professional.
- Demonstrated strong customer service orientation.
All positions subject to close without notice. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
Working Hours 40
Primary Work Location Lake Park Campus
Expertise Information Technology
Job Type Full Time
Location US-UT-Salt Lake City