Company :

Job Description :

JOB SUMMARY

This job is responsible for completion of day-to-day operations of the Identify and Access Management Department in relation to user account lifecycle management. This position will be responsible for managing the Access Management ticket queue and handling first line defense for security related tickets and requests.

ESSENTIAL RESPONSIBILITIES

• Ticket and request handling.
• Updating and creating policies, procedures, and standards for the department.
• Perform quarterly user access recertification.
• Assist with developing and maturing the Role Based Access Control (RBAC) framework.
• Participate in internal and cross-functional projects.
• Other duties as assigned or requested.

EDUCATION

Required

• Associate's Degree in Information Security, Information Systems, Information Assurance, Computer Science, or related field

Substitutions

• 3 years of related and progressive experience in lieu of Associate's degree

Preferred

• Bachelor's degree in Information Security, Information Systems, Information Assurance, Computer Science, or related field

EXPERIENCE

Required

• 1 year in Information Security and Risk Management with a focus on Role Life-Cycle Management
• 1 year in Information Technology
• 1 year of developing, communicating and presenting Information Security and Risk Management concepts to varying audiences

Preferred

• 1 year within an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework

LICENSES or CERTIFICATIONS

Required

• None

Preferred (any of the following)

• Information Technology Infrastructure Library (ITIL)
• Security

SKILLS

• Knowledge of HITRUST CSF, NIST 800-83 cyber security framework, Payment Card Industry (PCI), Health Insurance Portability & Accountability Act (HIPAA), HITECH, COBIT, International Organization for Standardization (ISO) 27001/2, and ITIL
• Working Knowledge in Role Analytics
• In-depth understanding of network security architecture, network and networking protocols

Language (Other than English):

None

Travel Requirement:

0% - 25%

PHYSICAL, MENTAL DEMANDS and WORKING CONDITIONS

Position Type

Office-based

Teaches / trains others regularly

Occasionally

Travel regularly from the office to various work sites or from site-to-site

Rarely

Works primarily out-of-the office selling products/services (sales employees)

Never

Physical work site required

Yes

Lifting: up to 10 pounds

Constantly

Lifting: 10 to 25 pounds

Occasionally

Lifting: 25 to 50 pounds

Rarely

Disclaimer: The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job.

Compliance Requirement : This job adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies.

As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company’s Handbook of Privacy Policies and Practices and Information Security Policy.

Furthermore, it is every employee’s responsibility to comply with the company’s Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements.

Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, age, religion, sex, national origin, sexual orientation/gender identity or any other category protected by applicable federal, state or local law. Highmark Health and its affiliates take affirmative action to employ and advance in employment individuals without regard to race, color, age, religion, sex, national origin, sexual orientation/gender identity, protected veteran status or disability.

EEO is The Law

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled/Sexual Orientation/Gender Identity ( https://www.eeoc.gov/sites/default/files/migrated_files/employers/poster_screen_reader_optimized.pdf )

We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact number below.

For accommodation requests, please contact HR Services Online at HRServices@highmarkhealth.org

California Consumer Privacy Act Employees, Contractors, and Applicants Notice