Hours: 8AM - 5PM
Days: Monday - Friday
JOB SUMMARY
The Information Security Engineer (ISE) is responsible for securing enterprise information at the company by determining security requirements; planning, implementing, and testing security systems; implementing security standards, policies, and procedures; and working with team members. Additionally, this position is responsible for identifying potential threats to the IT infrastructure and recommending enterprise security enhancements; conducting system security vulnerability analysis and risk assessments. The Information Security Engineer will be involved in malware detection and web/email content filtering. The ISE will have a minimum 2 years designing deploying configuring supporting IDS, IPS, and SIEM tools. The ISE will work on project teams as a security expert and deliver quality products according to project timelines and budgets. Design and execute audit procedures to assess and measure Hamilton Health Care compliance with its security policies and procedures. Conduct compliance testing and monitoring of current and future regulatory obligations, and other regulatory matters as required. Conducts internal security risk assessments and security compliance audits. Establishes IT security audit procedures relevant to PCI-DSS, NIST 800-53, HIPAA, HITRUST, etc. Improve existing compliance programs and processes. Develop materials and tools to effectively communicate compliance and corporate requirements. Collect, analyze, and prepare reports required for senior management, regulators, and other relevant stakeholders. Document, investigate, and report cybersecurity compliance issues and incidents, where necessary. Help establish a system-wide data classification and information management process. Work with business leaders to ensure information security risk findings are reviewed and solutions are implemented. Define and document how the implementation of a new technology impacts the security posture of the current environment. Understand, develop, and deliver meaningful reports on the program state and adherence to frameworks and standards.
JOB QUALIFICATIONS
Education: Undergraduate degree in Information Systems or related field required. Masters degree in similar preferred.
Licensure: CISA, CISA, CEH, CCSP, GSEC, or Security+ preferred
Experience: A minimum of four (4) years work experience with on-prem and hosted systems (preferably Healthcare applications) along with a support logging system; A minimum of four (4) years work experience with physical and virtual servers/networks and an understanding of application and network security. Hamilton Medical Center (HMC) would accept an equivalent combination of education and experience providing the candidate possesses the knowledge and abilities required by the position.
Skills: A highly motivated, detail and service oriented individual that can work effectively with minimal direction in a job environment which requires creative leadership and precise written and verbal communication, problem solving, organizational and technical skills; A technical and functional understanding of hospital and related information systems that will allow credibility in the eyes of hospital and HHCS management, end users, Information Services personnel, consultants and vendors; A self-motivated, detail and service oriented individual with supervisory, organization, typing and precise communication skills. Ability to work with and utilize to the best advantage the Hamilton Health Care System representatives of various vendors and consultants; A mature individual with a strong sense of organization. A knowledge of computer networking concepts and protocols and network security methodologies. A knowledge of cyber threats and vulnerabilities. A knowledge of risk management processes.A knowledge of cyber threats and vulnerabilities.
PHYSICAL, MENTAL, ENVIRONMENTAL AND WORKING CONDITIONS
Typical office/information systems environment, subject to frequent interruptions, deadline requirements, along with high noise potential and cool temperatures in the data/print center. The associate frequently works with sensitive and confidential patient and business information.
The individual must be able to do the following:
Full-Time Benefits