New England Baptist Hospital IT Security Analyst, (Full Time, 40 Hours, Day Shift) in Boston, Massachusetts
IT Security Analyst, (Full Time, 40 Hours, Day Shift)
Category: Information Systems
Department: Information Systems - 823100
Position Type: Regular
Shift: Day Shift
Hours Per Week: Full time 40 hours per week
Understands and supports the mission, vision and values of New England Baptist Hospital
Incorporates the "ROSE philosophy" into daily work activities. ROSE stands for:
Respect - Exhibits integrity, trust and courtesy with regard to fellow employees, physicians and patients
Ownership - Remains accountable to NEBH's core values and uses resources appropriately
Superior Service - Exhibits an attitude in which all customer requests are considered reasonable and addressed in a timely, accurate, compassionate and friendly manner
Excellence - Meets or exceeds the expectations of patients, staff and employees by achieving optional outcomes through continuous evaluation and improvement of programs and services
Understands and adheres to NEBH policies and compliance standards as they appear in the NEBH Organizational Policies and Procedures Manual, including but not limited to the NEBH Compliance Policy, Code of Business Conduct, Attendance, and Dress to Impress Policies.
Supports NEBH quality improvement initiatives by continually improving and raising the quality of care and services for patients, families, visitors, and other staff throughout the organization.
Takes initiative to learn more about the department/discipline, actively participates in improvement and/or problem-solving efforts with the goal of achieving excellence.
Keeps abreast of all pertinent federal, state, Joint Commission and NEBH regulations, laws, and policies as they presently exist and as they change or are modified.
Performs any other function or responsibility as assigned.
The Baptist Way Service Standards
Legendary Service - - We treat patients and others with courtesy, respect and care.
Self-Management - - We present a positive image of New England Baptist Hospital from professional appearance through behavior: [R]espect [O]wnership [S]uperior Service [E]xcellence.
Communication - - We actively listen to the needs of patients and others before responding in a courteous and tactful manner.
Continuous Performance Improvement - - We fulfill responsibility effectively and efficiently to achieve the greatest benefit for our patients, visitors and each other.
Positive Workplace/Joy and Pride in Workplace - - We recognize and reward behavior that exemplifies our values and mission.
Principal Duties and Essential Functions
Responsible for ensuring a secure computing environment throughout the organization. Implement security services, appliances, systems, policies, and procedures for protecting information assets from threats, both external and internal. Provide advanced skills in identifying and eliminating security risks, threats, and vulnerabilities.
Research, evaluate, architect, implement, and maintain networking technologies that ensure a secure environment. Develop a defense-in-depth solution that provides protection, proactively monitors for threats, and regularly reports on security incidents and metrics. Implement policies and procedures that follow industry best practices and compliance frameworks, including HIPAA, ISO, HITECH, NIST, SANS Top 20, OWASP Top 10, etc. Stay current with evolving security trends, risks, and technologies.
Prepare, conduct, and remediate results of both internal and external audits, security/risk assessments and vulnerability scans of the enterprise environment. Assist with the security evaluation of vendors and applications. Provide and/or support security awareness training within the organization.
Act as a knowledge resource and provide secondary support for existing network devices and services, i.e. firewalls, switches, load balancers, remote access/VPN, DNS, wireless, etc. Demonstrate knowledge of network security technologies, e.g. IDS/IPS, DLP, PKI, SSL, Certificates, etc. Document, potential security breaches and follow organizational procedures for incident response. Provide advanced problem solving skills, with required attention to detail, and exhibit an in-depth knowledge of industry-standard networking/security concepts and technologies. Present exceptional customer service in the course of troubleshooting and other interactions with employees, physicians, and clinicians.
Has successfully completed a Bachelor's degree in Computer Science, Computer Engineering, Information Technology or can demonstrate equivalent work experience in a network security environment.
Advanced knowledge of general networking concepts, technology, and tools.
Detailed technical knowledge of network security, authentication, protocols, and encryption.
Demonstrated experience with development and support of information security programs.
Completion of industry certification a plus, e.g. CCNA, CCIE, CISSP, GIAC
Ability to collaborate with IT, executives, and business stakeholders to achieve objectives.
Experience with healthcare organizations is a plus.
Must be able to work 40 hours per week, Monday-Friday.
Have strong written, verbal and interpersonal communication skills.
Organized, detail oriented, and analytical.
Strong team player that can work independently when needed.