IT Security Consultant - Identity Access Management
5 - 7 years experience •
This position formulates and defines information security scope and objectives based on both user needs and a good understanding of applicable industry and regulatory requirements. Designs and implements complex network or application securityarchitectures. Conducts security reviews and oversees any subsequent remediation projects generated from the review. Guides and advises less experienced peers. Competent to work at the highest practical understanding of most phases of information security analysis and design as it applies to current and future system requirements.
- Leads or participates in security reviews, evaluations, and risk assessments, developing and implementing appropriate recommendations.
- Leads or performs analysis of companys information securityarchitecture, including hardware and software components, with the objective of standardizing security throughout our infrastructure. Responsible for designing various securityarchitectures in accordance with accepted industry standards and subsequent implementation oversight.
- Participates in the ongoing evaluation and development of security policies and procedures. Leads the revision of policies and procedures, as needed.
- Responsible for providing technical expertise and support for security software, including operational aspects of the software. Responsible for mentoring junior members of the team and may supervise the work of the department in the absence of immediate supervisor.
- Responsible for providing guidance, direction, and oversight for companys compliance with all federal, state, and local mandated information security laws, rules, and guidelines. Remain current with the latest industry technical information.
- Serves as primary leader of information security projects, including the development of project scope requirements, budgeting, and project planning.
- Coordinates the handling of security incidents, recoveries, breaches, intrusions, and system abuses.
Must possess strong knowledge of business, information security and/or computer science as normally obtained through the completion of a bachelor's degree.
Certification in one of the following areas within one year of entering the positionSystems Security Certified Practitioner (SSCP), HealthCare Information Security & Privacy Practitioner, (HCISPP), Payment Card Industry Internal Security Assessor (PCI-ISA), CompTIA Security+, Certified Information Systems Security Professional (CISSP), or Certified Information Systems Auditor (CISA).
Must also possess 6 years experience in a healthcare environment or an equivalent combination of relevant education, technical, business and healthcare experience.
Requires independent judgment, critical decision making, excellent analytical skills, with excellent verbal and written communications. Ability to think quickly under difficult or complex conditions and clearly communicate to appropriate staff; ability to balance project workloads with customer support and on-call demands. Must demonstrate general knowledge of information technology and information security principles and practices. Needs experience in small scale project planning and reporting either individually or in a team. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate, and interact across facilities and at various levels. Incumbent will have skills to mentor less experienced team members. As is typical in this industry, variable shifts and hours and carrying/responding to a pager may be required.
Additional related education and/or experience preferred.
Job Number 214023