Information Security Analyst - Remote
Company: Boston Medical Center
Posted on: November 17, 2022
The Information Security Analyst (ISA) will collaborate with Boston
Medical Center Health System's (BMCHS) various internal and
external business units to build relationships and foster a culture
that considers information security. The ISA directs, coordinates,
plans, and organizes information security activities throughout the
hospital or health plan, while acting as the focal point for all
information security communications. The ISA is responsible for
implementing the controls needed to protect both BMCHS information
and information entrusted to Clearway Health by third parties.
The ISA is responsible for planning, coordinating and implementing
Clearway Health information security program. The ISA will lead or
participate in the development, enforcement, and maintenance of
policies, procedures, measures, and mechanisms to protect the
confidentiality, integrity and availability of information and to
prevent, detect, contain, and correct information security breaches
by aligning information security standards and compliance with
statutory and regulatory requirements.
The ISA also monitors security and privacy trends and coordinates
with Boston Medical Center (hospital or health plan) risk
management, legal, human resources, Health Information Management,
and compliance departments to keep abreast of relevant laws and
legislation (locally and nationally) to ensure that the security
and privacy programs are updated when appropriate to maintain
Position: Information Security Analyst
Department: Clearway Health
Schedule: Full-Time, Remote
ESSENTIAL RESPONSIBILITIES / DUTIES:
- Responsible for Information Security Program (ISP) development
- Identify protection goals, objectives and metrics consistent
with organizations strategic plan
- Incident response program development
- Security awareness program development
- Business continuity and disaster recovery program
- Determine the acceptable level of information security risk in
conjunction with senior management. Advise management on
information security risks and appropriate course of action.
- Conducts threats and vulnerability assessments to properly
analyze the risks to information security and determines
appropriate measures to effectively manage those risks
- Work with management to prioritize security initiatives and
spending based on appropriate risk management methodology
- Manage the investigation of security breaches or potential
breaches and assist with disciplinary and legal matters associated
with such breaches
- Work with outside consultants as appropriate for independent
- Participate in the evaluation, selection and implementation of
security products and technologies
- Develop enterprise education and communication plans.
- Maintain deep knowledge of legal requirements and market
standards of information security.
(The above statements in this job description are intended to
depict the general nature and level of work assigned to the
employee(s) in this job. The above is not intended to represent an
exhaustive list of accountable duties and responsibilities
- Master's degree in a related field or the professional
certifications Certified Information Systems Security Professional
(CISSP) and/or Certified Information Security Auditor (CISA) is
CERTIFICATES, LICENSES, REGISTRATIONS REQUIRED:
- Professional certifications of Certified Information Systems
Security Professional (CISSP) and/or Certified Information Security
Manager (CISM) is highly desirable.
- Seven plus years of experience in a large (over 2,000 users)
Information Technologies department. Large Healthcare IT Enterprise
experience is preferred.
KNOWLEDGE AND SKILLS:
- Should have experience with business continuity planning,
auditing, and risk management, as well as contract and vendor
- Must have a solid understanding of information technology and
- Strong verbal and written communication skills.
- Ability to articulate highly technical information into real
world business impact at a senior management level and, conversely,
ability to translate senior management business initiatives into
actionable technical designs.
- Must understand the unique requirements of security in a
healthcare setting. Associated topics: idm, information assurance,
information security, information technology security, leak,
protect, security officer, threat, violation, vulnerability
Keywords: Boston Medical Center, Boulder , Information Security Analyst - Remote, Professions , Boulder, Colorado
Didn't find what you're looking for? Search again!