|Location||Cleveland Heights, OH|
|Date Posted||January 10, 2019|
The Information Security Team Lead identifies, investigates, resolves and develops processes, procedures and associated documentation relative to security of computer systems, networks and telecommunications along with addressing privacy, confidentiality and standards administration.
- Focuses on Information security operations and program management serving as a leader for managing all aspects of security tools, processes and technologies.
- Lead day to day operations of the Information Security team
- Trains and develops a team of skilled Information Security analysts.
- Contributes to and maintains technical computer and network security systems
- Advise and solve Security issues involving the network and systems operations for Enterprise.
- Assist teams with the development, maintenance and documentation of security procedures - Analyze issues, facts and available information to develop logical solutions; researching inconsistencies found in data; drawing correct inferences from information and making recommendations that support business decisions
- Ensure effective implementation of Vulnerability management program and security monitoring program and working with network and system engineers to participate in vulnerability identification and patching.
- Excellent understanding of IDS/IPS and various methods to detect and prevent network attacks
- Operational support for Information Security Products & Services like Intrusion Prevention Systems, Network Access Control, Email Security, Vulnerability Scanning, URL filtering, SIEM (new deployments, hardware refresh/upgrades, and migrations)
- Monitors and reviews logs of computer systems and network activities for possible unauthorized intrusion and access.
- Security policy administration on various products that are under the teams support - Support and lead compliance initiatives that fall under the Core Security team.
- Contributes to and maintains Information Security policies and procedures.
- Reviews, assesses, studies, and analyzes the procedures and documentation relative to privacy and security issues.
- Acts as a technical leader and coordinator for the Information Technology Incident Response Team
- Acts in the capacity as the most senior technical expert for all information security technologies, tools, and processes.
- Works with Information Security Senior Management and healthcare system legal counsel relative to difficult privacy and security issues.
- Works with Information Security Senior Management and other healthcare system personnel in conducting audits and tests of various security systems.
- Recommends and coordinates the use of consultants for specialized activities relative to health information privacy and security.
- Coordinates and facilitates problem resolution sessions where multiple departments and/or service areas are involved.
- Effectively communicates and explains technology to non-technical people to encourage understanding and participation in technology planning.
- Uses a systematic approach for the identification and resolution of complex privacy and security issues.
- Leads the staff operations of the Information Security department.
- Builds training and awareness plans around tools and processes.
- Provide on call support for production and non-production issues.
- Proactively keeps abreast of new technology trends and investment opportunities so that informed recommendations can be made in support of hospitals business needs.
- Conduct research into new technologies, including tools, components, and frameworks.
- Attend workshops and seminars to maintain a high level of knowledge and capabilities
- Bachelors degree in Information Technology, Computer Science, or a related field.
- Certification in Cisco/Microsoft is desirable
- Certification in the information security areas such as the CISSP (Certified Information Systems Security Specialist) is desirable.
- 5 to 10 years of progressive experience in information security, information management, information systems, identity management, access control and/or risk management is required.
- Experience implementing and maintaining information security technologies, such as: IDS/IPS, malware prevention, end-point protection, multi-factor authentication, security information and event management (SIEM), web content filtering, encryption, network access control (NAC), data loss prevention (DLP), firewall administration and vulnerability scanners.
- Strong understanding of general networking and design (Firewalls, Routing, Load Balancing, OSI Model, TCP/IP, Packet trace and analysis using Wireshark and TCPDUMP)
- Thorough understanding of enterprise security design, network design concepts and fundamentals
- Excellent written, interpersonal and communication skills.
- Knowledge of various health care privacy, security and associated laws, rules and regulations including HIPAA/HITECH preferred.