Overview

Emory Healthcare (EHC), part of Emory University, is the most comprehensive academic health system in Georgia committed to providing the best care for our patients, educating health professionals and leaders for the future, pursuing discovery research in all of its forms, including basic, clinical, and population-based research, and serving our community. As the clinical enterprise of the Robert W. Woodruff Health Sciences Center of Emory University, Emory Healthcare is dedicated to the unifying core purpose, core values, and strategic direction of the Robert W. Woodruff Health Sciences Center.

Description

Information Security Analyst 

Salary: $29.30 - $53.04/hour.

The salary of the position is based on specific criteria met within the qualifications of relevant experience, skills, performance and internal equity. 

Job Description:

The Information Security Analysts coordinate and perform information system and third-party risk assessments, following a NIST-based methodology.

• Assist in guiding business owners and end-users on the implementation of solutions that comply with IS security policies and standards.
• Assist in prioritizing departmental tasks including new risk assessments and cybersecurity variance requests according to departmental processes.
• Clearly document assessments, variances, findings, and remediation plans in Archer.
• Maintain a current knowledge of applicable federal and state privacy laws and accreditation standards, and monitor advancements in information privacy and security technologies to ensure adaptation and compliance.
• Maintain awareness of new technologies and related opportunities for impact on system or application security.
• Conduct information security research in keeping abreast of latest security issues and keeps abreast of testing tools, techniques, and process improvements in support of security event detection and analysis.

Minimum Qualifications:

• Bachelors degree (B.A. / B.S.) or equivalent from an accredited college or university required
• 3-5 years of experience with IT, information security, risk analysis, security risk configuration development, or information security audit required
• Demonstrated understanding of common healthcare technology implementation architectures, common cloud security configurations, identity management solutions and, technologies and application of risk analysis.
• Demonstrable natural aptitude with object relationship and cause/effect.
• Demonstrable familiarity with HIPAA, GDPR, HITECH, and other appropriate information security and information privacy regulatory requirements for healthcare entities a plus.
• In depth knowledge of NIST 800-53, ISO 27K, GDPR, PCI-DSS is desirable.
• Any of the following certifications is a plus: ITIL, any of the following Information Security Certifications: CISSP, HCISSP, CISM, CISA, CIPP, CIPM, CIPT, CPHIMS, PCIP, GSEC, GCIH, GCFE, GCFA, CEH, GPEN, and PM A combination of education and analogous experience may be substituted for some requirements.

Skills/Abilities/Competencies:

• Possess strong interpersonal skills to effectively communicate with cross functional teams including staff at all levels of the organization.
• Outstanding time management and organizational skills required.
• An ability to work under the required guidelines and deliver on business/project requirements.
• Ability to work with both team members and staff in a professional manner.
• Comfortable working in a dynamic environment with multiple work streams, goals, and objectives.
• Possess ability to recommend to ISPO leadership team to prioritize project related tasks.
• Excellent vocabulary, written and verbal communication and effective interpersonal skills is critical. Understanding of Windows, Unix/Linux operating systems, security administration, virtualization, and TCP/IP networking concepts.
• Ability to work independently with minimal supervision.
• Ability to successfully negotiate and collaborate with others of different skill sets, backgrounds and levels within and external to the organization.
• Strong problem solving and negotiation skills.
• Ability to effectively conduct meetings, both formal and informal.
• Requires minimal direction from leadership and possesses the ability to learn quickly.