Information Security Analyst
- Requisition ID
- 183784
- Department
- 100652 IT Security
- Schedule
- Full Time - Eligible for Benefits
- Shift
- Day
- Category
- Information Technology
- Salary
- 34.40 - 48.16
Position Purpose
This positionis responsible for analyzing and reporting on IT infrastructures and platforms to ensure the confidentiality, availability, and integrity of data across the health system. The ISA delivers qualitative and quantitative analysis of the systems and processes supporting the health system’s risk management program while managing multiple projects and maintaining technical currency with emerging security technology. While this role reports to the Chief Compliance Officer, this position also works with the Chief Information Security Officer (CISO) and applicable business units to prioritize risk and determine the best course of action for risk mitigation. The ISA helps develop and maintain security policies and procedures, as well as the education and awareness program.
Nature and Scope
The skills required in this position include creation, maintenance and monitoring of access control, data integrity, and data loss prevention all Renown systems, medical devices and associated information assets.
The analyst will be responsible for assisting with:
• Creation and maintenance of various department tools, that includes working with various information databases (e.g., SQL).
• Responses to audit action items that include providing supporting documentation to auditors, evaluating audit results for relevance/accuracy, and working with teams to remediate audit findings.
• Creating, updating, reviewing department and organizational wide policies and procedures to adhere to industry best practices, laws and organizational requirements.
• Responsible for organizational wide information security training and awareness to ensure employees understand the integral role they play in safeguarding the company’s information assets against unauthorized use and disclosure.
• Performs risk assessments on third party vendors evaluating on security best practices and legal requirements to ensure that Renown does not inherent unacceptable risk by doing business with that vendor.
• Works alongside team members to effectively analyze and assess any new technologies and/or ideas that would be considered a security risk and therein perform evaluations and give feedback on any recommended or required remediation.
• Responsible for the direct oversight and management of incidents that would be considered a security risk including system outages, malicious cyber threats and/or any situation where there is a loss of productivity due to system failure.
• Responsible for the development, setup, maintenance, and enforcement of identity access management and multi-factor authentication policies and procedures.
• Responsible for the implementation, maintenance and tuning of a data loss prevention program in order to assure data privacy and security is in compliance with company policies and state and federal laws.
• Responsible for vulnerability remediation and penetration testing of the Renown network to futureproof against potential exploits.
• Discover and report any systems and/or users that are not conforming to the Renown usage policy and report their findings to HR.
• Responsible for investigating, classifying, documenting, remediating and reporting on cyber security incidents that would be considered a risk to the company.
The incumbent, under guidance of the CISO, has the authority to change, determine and/or request the available resources required to ensure the security of the data communications network, and to make decisions and recommendations relative to maintaining a secure networking environment or improving business functionality. Decisions that must be referred to the CISO include software and hardware acquisitions, personnel management, policy deviations, financial matters, and changes that could adversely impact network security performance and/or integrity.
Also, under the guidance of the CISO, the cyber security analyst will be responsible for the maintenance of the identity access management and data loss prevention systems.
The analyst will audit user activity to enforce compliance with regulatory and Policy requirements to mitigate risk and protect Renown Health’s information assets.
This position does not provide patient care.
Disclaimer
The foregoing description is not intended and should not be construed to be an exhaustive list of all responsibilities, skills and efforts or work conditions associated with the job. It is intended to be an accurate reflection of the general nature and level of the job.
Minimum Qualifications
Requirements - Required and/or Preferred
Name | Description | |
|---|---|---|
Education: | Requires B.S. or B.A. in information technology or related field. Prefer concentration in information security or cybersecurity. Experience may be substituted for education on a year-for-year basis. Must have working-level knowledge of the English language, including reading, writing and speaking English. Prefer demonstrated ability in creating oral and written analytical reports and presentations. | |
Experience: | Requires expertise in network engineering or administration, and with Microsoft Productivity Suite, and 1 (one) year experience in data analysis. Information technology, information security, system administrator, or application administrator is a plus. | |
License(s): | None | |
Certification(s): | Preferred Certified Information Security Systems Professional (CISSP), Systems Security Certified Practitioner (SSCP), or Certified Information Systems Auditor (CISA). | |
Computer / Typing: | Must be proficient with Microsoft Office Suite, including Outlook, PowerPoint, Excel and Word and have the ability to use the computer to complete online learning requirements for job-specific competencies, access online forms and policies, complete online benefits enrollment, etc. |
Benefits
Renown Health exists to make a genuine difference in the health and well-being of the people and communities we serve. And it is through your passion that this mission is made real every day. The relationship with employees is the foundation for success as we proceed with our strategic direction. We strive to build upon this solid partnership by offering a comprehensive and competitive benefits package that meets the diverse needs of employees and their family members.
With my CAREER Rewards there's peace of mind in knowing that Renown Health is also fighting for the most important things in your life - family, finances and future. Navigate options and make sure you are getting the most value from your Nursing career with us.
Paid Time Off
401(k) Company Match
Flexible Work Environment
Renown Health is northern Nevada's healthcare leader and Reno's only locally owned, not-for-profit health system. We are an entire network of hospitals, primary care offices, urgent care centers, lab services, medical specialties, and x-ray and imaging services - with more than 7,000 nurses, doctors and care providers dedicated to the health and well-being of our community.
For Providers: Renown Health and the University of Nevada, Reno School of Medicine (UNR Med) are affiliate partners in Nevada's first integrated academic health system. The affiliation aims to improve the health of the community, region, and state through research, medical education, and expanded clinical care. Renown physicians participate as joint faculty at UNR Med for teaching, lectures, supervising clinical rotations, and other academic activities for the education of medical and physician assistant students, residents and fellows.