New England Baptist Hospital IT Security Analyst, (Full Time, 40 Hours, Day Shift) in Boston, Massachusetts

IT Security Analyst, (Full Time, 40 Hours, Day Shift)


Boston, MA

Category: Information Systems

Department: Information Systems - 823100

Position Type: Regular

Shift: Day Shift

Hours Per Week: Full time 40 hours per week

FT/PT/PD: Regular

Employee Expectations

  • Understands and supports the mission, vision and values of New England Baptist Hospital

  • Incorporates the "ROSE philosophy" into daily work activities. ROSE stands for:

  • Respect - Exhibits integrity, trust and courtesy with regard to fellow employees, physicians and patients

  • Ownership - Remains accountable to NEBH's core values and uses resources appropriately

  • Superior Service - Exhibits an attitude in which all customer requests are considered reasonable and addressed in a timely, accurate, compassionate and friendly manner

  • Excellence - Meets or exceeds the expectations of patients, staff and employees by achieving optional outcomes through continuous evaluation and improvement of programs and services

  • Understands and adheres to NEBH policies and compliance standards as they appear in the NEBH Organizational Policies and Procedures Manual, including but not limited to the NEBH Compliance Policy, Code of Business Conduct, Attendance, and Dress to Impress Policies.

  • Supports NEBH quality improvement initiatives by continually improving and raising the quality of care and services for patients, families, visitors, and other staff throughout the organization.

  • Takes initiative to learn more about the department/discipline, actively participates in improvement and/or problem-solving efforts with the goal of achieving excellence.

  • Keeps abreast of all pertinent federal, state, Joint Commission and NEBH regulations, laws, and policies as they presently exist and as they change or are modified.

  • Performs any other function or responsibility as assigned.

The Baptist Way Service Standards

  • Legendary Service - - We treat patients and others with courtesy, respect and care.

  • Self-Management - - We present a positive image of New England Baptist Hospital from professional appearance through behavior: [R]espect [O]wnership [S]uperior Service [E]xcellence.

  • Communication - - We actively listen to the needs of patients and others before responding in a courteous and tactful manner.

  • Continuous Performance Improvement - - We fulfill responsibility effectively and efficiently to achieve the greatest benefit for our patients, visitors and each other.

  • Positive Workplace/Joy and Pride in Workplace - - We recognize and reward behavior that exemplifies our values and mission.

Principal Duties and Essential Functions

Responsible for ensuring a secure computing environment throughout the organization. Implement security services, appliances, systems, policies, and procedures for protecting information assets from threats, both external and internal. Provide advanced skills in identifying and eliminating security risks, threats, and vulnerabilities.

Research, evaluate, architect, implement, and maintain networking technologies that ensure a secure environment. Develop a defense-in-depth solution that provides protection, proactively monitors for threats, and regularly reports on security incidents and metrics. Implement policies and procedures that follow industry best practices and compliance frameworks, including HIPAA, ISO, HITECH, NIST, SANS Top 20, OWASP Top 10, etc. Stay current with evolving security trends, risks, and technologies.

Prepare, conduct, and remediate results of both internal and external audits, security/risk assessments and vulnerability scans of the enterprise environment. Assist with the security evaluation of vendors and applications. Provide and/or support security awareness training within the organization.

Act as a knowledge resource and provide secondary support for existing network devices and services, i.e. firewalls, switches, load balancers, remote access/VPN, DNS, wireless, etc. Demonstrate knowledge of network security technologies, e.g. IDS/IPS, DLP, PKI, SSL, Certificates, etc. Document, potential security breaches and follow organizational procedures for incident response. Provide advanced problem solving skills, with required attention to detail, and exhibit an in-depth knowledge of industry-standard networking/security concepts and technologies. Present exceptional customer service in the course of troubleshooting and other interactions with employees, physicians, and clinicians.


  • Has successfully completed a Bachelor's degree in Computer Science, Computer Engineering, Information Technology or can demonstrate equivalent work experience in a network security environment.

  • Advanced knowledge of general networking concepts, technology, and tools.

  • Detailed technical knowledge of network security, authentication, protocols, and encryption.

  • Demonstrated experience with development and support of information security programs.

  • Completion of industry certification a plus, e.g. CCNA, CCIE, CISSP, GIAC

  • Ability to collaborate with IT, executives, and business stakeholders to achieve objectives.

  • Experience with healthcare organizations is a plus.

  • Must be able to work 40 hours per week, Monday-Friday.

  • Have strong written, verbal and interpersonal communication skills.

  • Organized, detail oriented, and analytical.

  • Strong team player that can work independently when needed.