POSITION SUMMARY/RESPONSIBILITIES
The Senior Information Security Analyst is responsible for working in a team of information security professionals who protect the confidentiality, integrity, and availability of information in the Health System’s information systems. Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risk. Validates baseline security configurations for operating systems, applications and networking and telecommunications equipment. Conducts research on emerging products, services, protocols, and standards in support of security enhancement and development efforts. Works closely with business units to identify security requirements, using methods that may include risk and business impact assessments. Monitors and advises on information security issues related to the systems and workflow to ensure the internal security controls are appropriate and operating as intended. Supervises a team of security administrators to set workload priorities.
EDUCATION/EXPERIENCE
Bachelor's degree in Computer Science, MIS, or Information Security, or equivalent work experience and five years of information security experience is required to include developing and documenting security architecture and plans, including strategic, tactical and project plans. Information security certification preferred but not required. Security certifications may include, but not be limited to CISSP, CISA, CISM, GSEC, Security+, and certified ethical hacker. Project Management experience and experience with creating and managing project plans is preferred. Knowledge of common information security management frameworks such as ISO 27001, ITIL, COBIT, and NIST is preferred .
