This site uses cookies. To find out more, see our Cookies Policy

Information Security Director in Gardena, CA at Avanti Hospitals

Date Posted: 11/6/2018

Job Snapshot

Job Description

Memorial Hospital of Gardena

Job Title: Information Security Director 

City: Gardena / State: California    

Information Technology

Day Shift

From 9:00 AM

To 5:30 PM

                                      


Job Description and Job Responsibilites

Job Title: Information Security Director

 

Job Summary: The Information Security Director primary responsibility is to oversee the security of information at the organization. The Information Security Director will serve as the day to day operational information security leader at Avanti Hospitals.  Responsibilities include designing, planning, coordinating and management of various security focused systems and operational processes including but not limited to: vulnerability management, IPS/IDS, logging and event correlation, incident response, systems and network security hardening, threat analysis, and malware response and mitigation. The Information Security Director will report to the Chief Information Officer, and collaborate closely with the other Directors and Directors within the organization.

Essential Job Duties:

  • Develop and maintain user security profiles for Avanti Hospital’s major systems.
  • Responsible for defining and managing application security configurations.
  • Conduct security reviews of Avanti Hospital’s clinical and business systems.
  • Manage continuous monitoring of Avanti Hospital’s network, system, and application security controls.
  • Manage continuous monitoring of Avanti Hospital’s security and event logging.
  • Organize and facilitate interdepartmental communication to identify and resolve security issues.
  • Create and maintain documentation for security change control.
  • Document and explain deviations from security standards.
  • Provide leadership and guidance to the organization regarding requests that impact security.
  • Develop project charters and objectives and provide leadership regarding the implementation of security solutions and/or controls.
  • Ensure the integrity and protection of networks, systems, and applications by enforcement of organizational security policies, and effective operation of security solutions and/or controls.
  • Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system, and internal/external vulnerability scans.
  • Maintain current knowledge of relevant information security threats and technologies.
  • Participate in special projects as assigned.

 Behavioral Standards:

  •  Exhibits excellent customer and service oriented behaviors in every day work interactions.
  • Demonstrates a courteous and respectful attitude to internal workforce and external customers.

 Communication/Knowledge:

  • Provides accurate and timely written and verbal communication of information in a manner that is understood by all.
  • Able to listen, understand, problem-solve, and carry-out duties to ensure the optimal outcome.
  • Able to use IT systems in an accurate and proficient manner.

  Collaboration/Teamwork:

  •  Contributes toward effective, positive working relationships with internal and external colleagues.
  • Demonstrates cooperation, flexibility, reliability, and dependability in all daily work activities and a willingness to collaborate with others for the good of the customer and the organization.
  • Must be able to function in a dynamic environment subject to impromptu changes in schedules and priorities.




Job Requirements

Education/Experience:

  • Associate's Degree required. Degree in Computer Sciences, Information Technology or relevant work experience in such field preferred.
  • 5+ years of experience in network security and system security administration.
  • Strong knowledge (3+ years of experience) with vulnerability management and security penetration techniques.
  • Experience with a wide range of network equipment and security systems in use at the organization (e.g. ; next generation firewalls, Cisco IOS, Cisco switches, understanding of IPS (Intrusion Prevention Systems), threat analysis and protection, sandboxing, experience and understanding of IDS (Intrusion Detection System), IMS (Identity Management System), data exfiltration, and auditing and event logging solutions.)
  • Solid knowledge of HIPAA, PCI, and other IT security standards.
  • Experience with NIST and ISO frameworks.
  • Experience in healthcare provider setting preferred.
  • Demonstrated knowledge of common information technology platforms and standards.

Licensure/Certifications:

  •  CISSP certified or willingness to obtain CISSP certification within one year of hire.

 ADA/Physical Demands:

  •  To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Such accommodations must be requested by the employee/applicant in order to be considered.
  • Required to stand; walk; sit; use of hands and fingers to handle, or feel; reach with hands and arms; stoop, kneel, crouch, or crawl; talk and hear; and may taste and smell. The employee is regularly required to lift, push and/or pull weights in excess of 10 pounds, with assistance. Visual abilities, auditory abilities, must be intact to perform duties.

 

Job Requirements

Education/Experience:

  • Associate's Degree required. Degree in Computer Sciences, Information Technology or relevant work experience in such field preferred.
  • 5+ years of experience in network security and system security administration.
  • Strong knowledge (3+ years of experience) with vulnerability management and security penetration techniques.
  • Experience with a wide range of network equipment and security systems in use at the organization (e.g. ; next generation firewalls, Cisco IOS, Cisco switches, understanding of IPS (Intrusion Prevention Systems), threat analysis and protection, sandboxing, experience and understanding of IDS (Intrusion Detection System), IMS (Identity Management System), data exfiltration, and auditing and event logging solutions.)
  • Solid knowledge of HIPAA, PCI, and other IT security standards.
  • Experience with NIST and ISO frameworks.
  • Experience in healthcare provider setting preferred.
  • Demonstrated knowledge of common information technology platforms and standards.

Licensure/Certifications:

  •  CISSP certified or willingness to obtain CISSP certification within one year of hire.

 ADA/Physical Demands:

  •  To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. Such accommodations must be requested by the employee/applicant in order to be considered.
  • Required to stand; walk; sit; use of hands and fingers to handle, or feel; reach with hands and arms; stoop, kneel, crouch, or crawl; talk and hear; and may taste and smell. The employee is regularly required to lift, push and/or pull weights in excess of 10 pounds, with assistance. Visual abilities, auditory abilities, must be intact to perform duties.