|KEY JOB REQUIREMENTS
|Bachelor’s degree in computer science, information technology, computer engineering or a related field is required (A combination of experience and certifications may be considered).
|3 years to < 5 years
|Analytical: Supervision is present to establish broad objectives relative to basic position duties or departmental responsibilities. Independent judgment is required to set objectives, coordinate activities within a work unit or to complete a project. Actions taken may be based on similar situations encountered in the past.
|Problem solving involves identification and analysis of diverse problems. Solutions are usually found by reviewing compliance manuals or administrative procedures and applying them for unusual situations. Guidance may be provided on what sources to review and solutions are reviewed before acceptance.
|Responsibility for Directing Others:
|Involves no responsibility or authority for the direction of others.
|Four to Twelve Months: Plan events that will occur during the year, and have some effect on annual expenditures and/or revenues.
|Requires regular contact within the department and ongoing contact with other departments, supplying, or gathering factual information.
|Requires occasional contact with outside agencies, other medical centers, patients, or visitors, supplying or gathering factual information.
| Job-Related Knowledge:
|Advanced Professional Skills: The professional theory and practice of the level above, but applied at the advanced level of a “fully seasoned” professional. Requires extensive knowledge of the professional discipline, a working knowledge of and the ability to integrate information from related fields, and/or skills found in thorough knowledge of business management. Examples: develop policies or procedures for department, develop new methods or prototypes to meet unique situations, manage a budget, prepare reports for top management
|Required Licenses, Certifications, Registrations:
|2 of the following are required upon hire (3 is strongly preferred; 3rd is required to be obtained within 1 year): EC-Council [Certified Penetration Testing Professional (C|PENT), Certified Incident Handling (E|CIH), Certified Cloud Security Engineer (C|CSE), Certified DevSecOps Engineer (E|CDE), Certified Network Defender (C|ND), Disaster Recovery Professional (E|DRP)], Global Information Assurance Certification (GIAC) [Defensible Security Architect (GDSA), Security Operations Certified (GSOC), Security Professional (GISP), Certified Incident Handler (GCIH)], CompTIA [CompTIA Advanced Security Practitioner (CASP+)], Microsoft [Microsoft Certified: Cybersecurity Architect Expert (MCE-CAE)]
|Applied knowledge of the cybersecurity /risk analysis discipline, extensive knowledge of and the ability to detect and defend on healthcare platforms, SIEM tools, data analysis, fast/triage response, threat detection and remediation, Disaster Recovery and Business Continuity best practices. Strong communication skills, interpersonal skills, ability to handle multiple projects, ability to handle large customer needs/request volumes, familiarity with current generation Windows/Apple OS/devices, Microsoft 365 suite, experience with support desk platforms and project tracking tools.
|Working Conditions/ Physical Effort:
|Must be able to lift equipment such as computers and printers weighing up to 50 pounds. Must be able to sit or stand for long periods. Healthcare environment with vaccination requirements. External and internal applicants, as well as position incumbents who become disabled, must be able to perform the essential job specific functions either unaided or with the assistance of a reasonable accommodation to be determined by the organization on a case by case basis. If the requirement is not marked, then the standard is generally considered not applicable (See reference graph).
- Design and implement secure network architectures, systems, and applications to prevent unauthorized access and data breaches.
- Conduct thorough analysis of cyber threats and vulnerabilities to proactively identify and address potential risks.
- Deploy and configure security technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, encryption tools, and identity management systems.
- Respond to and mitigate security incidents in a timely and effective manner, minimizing the impact of potential breaches.
- Perform regular vulnerability assessments, penetration testing, and security audits to identify and remediate weaknesses in the organization's infrastructure.
- Develop and enforce security policies, standards, and procedures, ensuring compliance with relevant regulations and industry best practices.
- Monitor security alerts and logs, analyze trends, and investigate anomalies to identify potential security threats and intrusions.
- Conduct security awareness programs and provide training to employees to promote a security-conscious culture within the organization.
- Develop and test disaster recovery and business continuity plans to ensure the organization's ability to recover from security incidents and maintain essential operations.
- Maintain comprehensive documentation of security measures, incident reports, and security configurations.
- Knows fire, disaster and safety procedures and regulations as it pertains to the work area.
- Performs similar or related duties as assigned.