Johnson City, TN
5 - 7 years
Posted 53 days ago
SCOPE OF POSITION
The I.S. Security Engineer works for the IS Director of Information Security to aid in delivering secure solutions for Mountain States Health Alliance. Information Security Engineer must have experience with information security technologies, policies, and procedures as a foundation for this analyst position. Information Security Engineering will also be required to perform additional information security duties as assigned.
MSHA expects that every team member will role model Patient-Centered Care behaviors and be guided by MSHA’s Values and the Principles of Patient-Centered Care.
It is vital that an individual in this position be capable of good communication skills. It is of the utmost importance that written communication is legible.
MSHA expects all team members to support the VOS initiative by demonstrating awareness of the VOS system and effectively applying it to his/her work.
Job duties of this position may require access to protected patient information (PHI). The team member will be accountable for appropriate use of the record and compliance with all confidentiality and security policy and procedures related to use, access, and disclosure of PHI.
Reports to the IS Director of Security.
EDUCATION AND EXPERIENCE
QUALIFICATIONS REQUIRED (minimum needed to begin in the job):
• The I.S. Security Engineer must have a minimum of 5 years’ experience in computing, networking, application, and information security technology.
• The I.S. Security Engineer must have a basic understanding of design, implementation and operational experience with security technologies that includes, but is not limited to, IDS/IPS, Firewalls, Log Analysis, SIEM, Network Behavior Analysis tools, Antivirus, Identity Management and governance technologies, SSO and Federation technologies, RBAC and fine grained access control strategies, web application authentication processes, Network Packet Analyzers and basic malware analysis.
• The I.S. Security Engineer must have a fundamental understanding of Networks, TCP/IP and other routing/switching protocols, load balancers, PKI/SSL/TLS, related security architectures, and remote access security techniques and products.
• The I.S. Security Engineer must have a fundamental understanding of Windows and Linux Server administration and securing operating systems, virtualization technology, Active Directory Group Policy, and intermediate scripting ability.
• The I.S. Engineer must be able to troubleshoot.
• The I.S. Engineer must have excellent communication skills (written and verbal).
• The I.S. Security Engineer must have a BA/BS in Computer Science, Management Information Systems, or equivalent experience.
Preferred Qualifications and Experience:
• The I.S. Security Engineer should have some knowledge of regulatory compliance including, but not limited to, HIPAA, HITECH, NIST, PCI-DSS.
• The I.S. Security Engineer should have one or more security certifications that includes, but not limited to CISSP, GSEC, GIAC, CEH, GISP, or other related information security certifications. Any candidate that has any of these certifications will be given preference.
• Bachelor’s Degree in Business, Computer Science, Management Information Systems, Engineering or equivalent work experience.