Information Security Specialist II, FT, Days

Inspire health. Serve with compassion. Be the difference.

Job Summary

The Information Security Specialist II is responsible for maintaining the security and integrity of the organization's data, leveraging an in-depth understanding of cyber security threats, technologies, and countermeasures to ensure secure computer systems. Knowledge and experience with technology security issues across all platforms and business units, including networking, applications, Identity and Access Management, Operating systems, Cloud services, Email gateway, Privileged Access Management, Vulnerability management, Database Security, Data Loss Prevention, Endpoint Security, and Software Development.

Assists in safeguarding information system assets, data, and all security risks. Assists in researching security controls, vulnerabilities, enterprise and cloud risks, and develops effective strategies and control measures to mitigate all security risks. Helps reduce security threats by examining infrastructure, devices, processes, procedures, identifying security flaws and threat vectors, and following up with prompt solutions. This is a mid-level technology-oriented position protecting the confidentiality, integrity, and availability of information systems and data of employees, partners, and patients.

Essential Functions

• All team members are expected to be knowledgeable and compliant with Prisma Health's values: Inspire health. Serve with compassion. Be the difference.
• Administers security software or systems to prevent attacks, monitor and audit systems, and protect against network breaches.
• Utilizes advanced-level expertise in one or more technology disciplines: networking, systems management, and cloud services. Works on-call shifts and performs duties assigned by the supervisor.
• Remediates security risks and exposures, assisting in determining causes of security violations.
• Provides hands-on experience working in cybersecurity for cloud and hybrid cloud environments. Supports vulnerability management programs, including systems, networks, applications, and software development.
• Implements solutions for integration/interoperability security issues, meeting current and future business requirements, and optimizing existing architecture. Monitors information security trends, standards, and practices to identify areas lacking appropriate security controls and recommends improvements.
• Responsible for executing processes within all activities of the security incident response lifecycle, including detection, triage, analysis, containment, recovery, and reporting.
• Assists in developing techniques and procedures for cyber security risk assessments and compliance audits, evaluating hardware, firmware, and software for security impacts.
• Assists in reviewing proposed new systems, networks, and software for potential security risks; implements mitigation measures and resolves integration issues.
• Performs third-party security architectural assessments, evaluating security practices of Prisma Health partners and service providers. Supports ad-hoc security consulting requests and team projects.
• Assists in evaluating risks and threats, developing, implementing, and maintaining IT security policies and procedures for secure and uninterrupted IT operations.
• Performs other duties as assigned.

Supervisory/Management Responsibilities

• This is a non-management role reporting to a supervisor, manager, director, or executive.

Minimum Requirements

• Education: Bachelor's degree in Computer Science.
• Experience: Two (2) years of IT experience.

In Lieu Of

• A combination of technical experience, information security experience, professional certifications, and education may be evaluated by security leadership as equivalent.

Required Certifications, Registrations, Licenses

• CISSP, CISA, CISM, CEH, AWS, Microsoft, Linux, or equivalent certifications.

• Experience with networking technologies, IPS, Firewalls, APT Systems, Directory Services, Risk Management, Cloud Technologies, Vulnerability Management, Splunk, SIEM, Endpoint Security, Web Security Gateways, and Email Security.
• Knowledge of frameworks such as NIST 800-53, NIST CSF, ISO 27001, NIST 800-37, and regulations including PCI-DSS, HIPAA, High Trust, Privacy, and PHI.

Work Shift

Location

Facility

Department

Share your talent with us! Our vision is simple: to transform healthcare for the benefit of the communities we serve. The transformation of healthcare requires talented individuals in every role here at Prisma Health.