Catholic Health Initiatives IT Security Analyst II in ENGLEWOOD, Colorado
IT Security Analyst II
Works under the supervision of the Manager, Enterprise Security Services and guidance of Senior IT Security Analysts. The IT Security Analyst ll will contribute to the organization’s mission and vision by performing risk assessments and reviews to identify key corporate security vulnerabilities that affect the confidentiality, integrity and availability of electronic protected health information and other company confidential data, and provides technical support to systems owners to address and implement solutions to identified security and risk issues.. Participates in developing the design for the enterprise network security environment, with functional components. Interprets security related events and identifies relevant data and appropriate response for cross functional teams, data owners and business leaders.
The IT Security Analyst ll position requires an in-depth understanding of the CHI enterprise and MBO business and information security practices for the network, server (Microsoft, Unix, Linux), databases, applications, and the use of risk / security vulnerability tools and other security assessment techniques
Perform assessments of current security technology and authentication systems and evaluate against HIPAA, Federal and State Information Protection and Privacy regulation, CHI Security Policies, and other relevant regulations and best practice controls pertaining to the protection of Enterprise information assets with respect to security and privacy.
Develop and advance IT Security policies, standards and procedures in conjunction with the application and technology teams responsible for the day-to-day systems configuration and operation
Proactively audit the network security environment and provide actionable information pertaining to risk discovery and remediation technologies, techniques, and processes.
Assess and review new and existing technology infrastructure to identify key risk areas, and ensure adequate levels of control are in place to address those risks and develop risk mitigation techniques and processes to ensure that all reviews as actionable by system managers and the operations staff
Consults, advises, and collaborates with department staff and personnel in IT departments to coordinate data security related activities.
Consults, advises, and develops action plans to design suitable vulnerability and threat management systems in order to safeguard all CHI information assets.
Assists senior IT Security analysts with developing and implementing of a security incident response process and the maintenance of all associated documentation.
Update skills as necessary to support the CHI IT Security and remain knowledgeable of industry standards and advancements.
Skills, Requirements, and Certifications (Includes specific or unique technical skills / knowledge / experience)
Experience with supporting IAM/IAG software to RSA-VIA, Sailpoint, or an Identity Management application
Basic knowledge of queries and databases, primarily SQL/Oracle
Strong work ethic, with very strong communication, organization, analytical, troubleshooting, and customer service skills
Team oriented, flexible, and adaptable
Able to write documentation, policy, and procedures
Associate degree in a related technical field or equivalent experience.
Certified Information Systems Security Professional (CISSP) or Certified Information Systems Auditor (CISA) preferred.
Minimum of 4 years of progressive experience in information services, including two years in systems security with certification, maintenance and use of security products in a distributed enterprise environment.
Experience in compliance with federal security regulations.
Minimum of 2 years’ experience in healthcare or security consulting
Must have experience and demonstrate knowledge and/or skills in the following areas:
Experience in Windows, Linux, UNIX (AIX); TCP/IP, CISCO routers and switches, Encryption, Defense Strategies, and Hacker Techniques.
Experience in complex multi-site LAN/WAN environments.
Experience in packet analysis, routing protocols, access control, and syslog.
Experience with network applications, such as Firewall Security and Virtual Private Networking.
Experience with Ethernet and TCP/IP.
Experience in Windows NT and Windows 2000/2003 Active Directory.
Knowledge of network and host IDS.
Knowledge of Exchange, IIS, and Apache
Knowledge of voice communications (VOIP)
Project skills including work plan development and management, and accomplishing projects within budget.
Demonstrates a commitment to service, organization values and professionalism through appropriate conduct and demeanor at all times.
Adheres to and exhibits our core values :
Reverence : Having a profound spirit of awe and respect for all creation, shaping relationships to self, to one another and to God and acknowledging that we hold in trust all that has been given to us.
Integrity: Moral wholeness, soundness, uprightness, honesty and sincerity as a basis of trustworthiness.
Compassion: Feeling with others, being one with others in their sorrows and joys, rooted in the sense of solidarity as members of the human community.
Excellence: Outstanding achievement, merit, virtue; continually surpassing standards to achieve/maintain quality.
Maintains confidentiality and protects sensitive data at all times.
Adheres to organizational and department specific safety standards and guidelines.
Works collaboratively and supports efforts of team members.
Demonstrates exceptional customer service and interacts effectively with physicians, patients, residents, visitors, staff and the broader health care community.
Job Information Technology
Primary Location COLORADO-ENGLEWOOD-DENVER MERIDIAN NORTH
Daily Schedule Days
Scheduled Hours per 2-week Pay Period 80
Weekends Required Occasional
Req ID: 2017-R0120157