Cyber Security Analyst
Full Time (Monday - Friday 8:00am - 5:00pm)
Works under the guidance of Cyber Security Manager to ensure the secure operation and efficient performance of IT infrastructures.
Assist in ensuring security assessment is completed per hospital requirements.
Assist in developing action plan to address findings in the security assessment.
Assist in working the action plan to completion.
Work with external vendors to help determine their security posture and compliance with MRHC’s security standards.
Identify areas concerns or negative findings.
Perform network and system surveillance and compile incident reports.
Perform daily system monitoring, verifying the integrity, security and availability of all cyber security resources; reviewing system and application logs.
Assist in patch management of organizational assets.
Provide support to resolve complex security operational problems.
Communicates and escalates incidents and requests beyond scope of ability to appropriate resources
The primary role of this position is to assist in preventing cyber security attacks internally and externally and prevent the theft or loss of sensitive information for Magnolia Regional Health Center (MRHC). This position will coordinate and conduct risk assessments with external vendors that MRHC works with and is sharing sensitive organizational information. The position will perform network surveillance and compile incident reports. The position will advise, develop and write policies, procedures, departmental operating instructions (DOIs) and guidelines to help the organization to have a solid cyber security framework. The position will conduct cyber security education with all MRHC staff and give updates to the IT leadership team. The position will research, evaluate, and recommend systems and procedures for the prevention, detection, containment, and correction of data security breaches. The position directs the planning and implementation of enterprise IT system, business operation, and facility defenses against security breaches and vulnerability issues. The position will need to have the technical skills to implement and administer the systems under their purview. The position will need to live within 30 minutes of the hospital to be part of the on call technical rotation. They will also be given projects or other duties that are suitable to their skill set and time allowances.
DUTIES INCLUDE BUT ARE NOT LIMITED TO:
1. Security Operations
2. Reporting and Documentation
Write policies that are needed to maintain cyber security regulatory requirements and standards.
Maintain policies and update as needed.
Logs and tracks incidents and requests; reviews incident and request tracking databases to ensure compliance with departmental Service Level Agreement.
Documents systems and procedures, and ensure that all engineering artifacts are maintained.
Develop and maintain documentation to include, but not limited to, system configuration, system deployment, system administration, operational instructions, and help desk support documents for all applications and solutions.
3. Leadership in Initiatives or Programs
Assist in researching, evaluating, and recommending systems and procedures for the prevention, detection, containment, and correction of data security breaches.
Assist in providing supporting materials for solutions needed by the organization to better protect organizational and customer data.
Assist in assembling budget material to put in the department’s budget requests.
Plan and implement enterprise IT systems to protect business operations and facility defenses.
Participates in meetings, committees and continuing education to improve individual, departmental and organizational performance.
Complete other projects or other duties that are suitable to their skill set and time allowances.
KNOWLEDGE, SKILLS & ABILITIES
Good critical thinking skills.
Demonstrated ability to be self-directed with excellent organizational, analytical, and interpersonal skills.
Excellent presentation skills and conflict resolution skills.
Must have an in-depth ability to operate various computer software programs including but not limited to Microsoft Office Suite applications.
Excellent troubleshooting, listening, and problem-solving skills.
Must possess strong skills in project management, business process redesign, written/verbal communication, physician relations, and customer satisfaction.
Ability to multi-task and stay organized while dealing with multiple projects at one time.
Must be a skilled decision-maker that works proactively in a high stress environment.
High School Diploma or equivalent required.
Associate's degree in Computer Science or related technology field or equivalent work experience.
Certifications in CISSP, CISM, Security +, SSCP and CEH are highly desirable.
3 years of Information Systems experience required.
PHYSICAL DEMANDS/WORKING CONDITIONS- Requires prolonged sitting, some bending, stooping and stretching, eye-hand coordination and manual dexterity sufficient to operate a keyboard, photocopier, telephone, calculator and other office equipment. Requires normal range of hearing and eyesight to record, prepare and communicate appropriate reports. Requires lifting papers or boxes, up to 50 pounds occasionally. Work is performed in an office environment. Work may be stressful at times. Contact may involve dealing with angry or upset people. Staff must remain flexible and available to provide staffing assistance for any/all disaster or emergency situations.
OSHA CATEGORY– The normal work routine involves no exposure to blood, body fluids, or tissues (although situations can be imagined or hypothesized under which anyone, anywhere, might encounter potential exposure to body fluids). Persons who perform these duties are not called upon as part of their employment to perform or assist in emergency care or first aid, or to be potentially exposed in some other way.