IS Security Analyst Sr
Assists the Information Security Manager, in defining, managing, and coordinating the diverse set of information security and internal controls and related activities comprising Tucson Medical Center’s Information Security Program. Implements a standardized security framework and ensures that the organization moves through the capability maturity process toward increasing levels of competencies in information security. Focused on developing and driving security strategies, policies/standards, ensuring the effectiveness of solutions, and providing security-focused consultative services to the organization. Provide expertise and assistance to IT projects to ensure the organizations infrastructure and information assets are protected.
Supports Information Services and Business Operations management in their efforts to identify and mitigate risks, implement necessary mitigating safeguards and controls, implement ongoing monitoring activities and countermeasures, and coordinate the multitude of activities.
Develops and delivers security awareness and compliance training programs.
Protects TMC information assets from intentional or inadvertent modification, disclosure or destruction, and provide support for applicable legal and regulatory requirements.
Ensures monitoring and compliance tracking for the protection of information assets to business units throughout the TMC enterprise based on the organization’s information security strategy, governance guidelines and risk assessment.
Participates as a key member of the various information security work groups and is responsible for recommending and assisting in the development and implementation of appropriate information security policies, standards, procedures, and guidelines required to safeguard information resources.
Creates and communicates status reports in accordance with departmental standards. Updates documentation consistently, following departmental policies and procedures.
Attends and participates in team, project and department meetings to increase awareness and information flow.
Identifies solutions to complex business directives or implementation impediments.
Aligns work to departmental goals.
Demonstrates ongoing dedication to expanding technical and business expertise and applies new skills and knowledge to TMC situations.
Adheres to and supports team members in exhibiting TMCH values of integrity, community, compassion, and dedication.
Adheres to TMC organizational and department-specific safety, confidentiality, values, policies and standards.
Performs related duties as assigned.
EDUCATION: Bachelor's degree or equivalent work experience in Computer Science, Information Management, or related technology field.
EXPERIENCE: Five (5) years of technology and/or information security experience, four (4) years experience with network, server, or application security technologies and concepts, and one (1) current security related certification such as CISSP, CISM, CISA, etc.; two (2) years healthcare experience preferred.
LICENSURE OR CERTIFICATION: CISSP (Certified Information Systems Security Professional) (ISSAP, ISSEP, ISSMP), CISM (Certified Information Security Manager), CISA (Certified Information Security Auditor) or other industry certifications in security and enterprise technical architecture preferred