Security Analyst I

Reports to the Director of Information Security. Responsible for the successful execution and monitoring of Beacon Health Systems (BHS) Information Security measures in accordance with program guidelines. Assists in the development of business strategy related to Cyber Security threats and conducts routine audit against BHS Information Security and Privacy Programs effectiveness. Develops metrics and reporting that will help monitor and track program effectiveness. Conducts routine Risk Analysis of BHS vendor's information security programs under the direction of the Director of Information Security. This position will also be responsible for learning and maintaining the organizations Identity Access management platform and aid with BHS Information Security Policy and Procedure creation pertaining to these functions. The preferred candidate will work with the Information Security and Privacy teams as a liaison between employee, patients, vendors, medical staff, and business associates in relation to BHS's Identity and Access Management functions. Additionally, this position will aid IS Leadership to assure compliance with Federal and State data security regulations, State Privacy Laws, any other regulatory requirements, or bodies.

MISSION, VALUES and SERVICE GOALS

• MISSION: We deliver outstanding care, inspire health, and connect with heart.
• VALUES: Trust. Respect. Integrity. Compassion.
• SERVICE GOALS: Personally connect. Keep everyone informed. Be on their team.

Coordinates responsibilities and projects for defined support areas for computer applications, including project tasks, troubleshooting, documenting problems, and conveying information to the appropriate vendor(s) and/or appropriate Beacon technical staff:

• Provides ongoing support to one or more application/system in accordance with established departmental policies and procedures.
• Assists in performing system tests and analyzing test results.
• Analyzes situations or data by reviewing identifiable factors.
• Assist in preparing specifications for new systems, projects or enhancements with end-users and information system staff as necessary.
• Contributes to projects by performing specific tasks as assigned.
• Maintains documentation according to established departmental policies and procedures.
• Follows established standards, methodologies, and procedures to ensure quality work product is produced.

Serves as a liaison and facilitator with Beacon Health end-user departments who utilize software programs by recommending solutions or alternatives to meet end-user department's needs or to help end-users perform their jobs better:

• Participates in business process redesign and documentation.
• Identifies solutions that will meet the end-user department's needs in the most effective and efficient manner.
• With guidance acts as a liaison with and advocate for the end-user department. Provides information between end-user departments and IS.
• Communicates verbally (by phone and in person), in writing and visually observing keyboard and printed representations of issues and requests.
• Performs troubleshooting activities to avoid potential problems.
• Participates in training departmental end- users in the use of Beacon's new and existing computer systems.

Performs other functions to maintain personal competence and contribute to the overall effectiveness of the department by:

• Follows the common vision of the work group. Accepts changes in a professional manner.
• Carries out activities within the scope of own job. Strives to produce quality results within established timelines.
• Participates in training IS staff as assigned.
• Establishes and maintains effective working relationships with end-user departments.
• Completes other job-related duties and special projects as directed.

ORGANIZATIONAL RESPONSIBILITIES

Associate complies with the following organizational requirements:

• Attends and participates in department meetings and is accountable for all information shared.
• Completes mandatory education, annual competencies, and department specific education within established timeframes.
• Completes annual employee health requirements within established timeframes.
• Maintains license/certification, registration in good standing throughout fiscal year.
• Direct patient care providers are required to maintain current BCLS (CPR), and other certifications as required by position/department.
• Consistently utilizes appropriate universal precautions, protective equipment, and ergonomic techniques to protect patient and self.
• Adheres to regulatory agency requirements, survey process and compliance.
• Complies with established organization and department policies.
• Available to work overtime in addition to working additional or other shifts and schedules when required.

Commitment to Beacon's six-point Operating System, referred to as The Beacon Way:

• Leverage innovation everywhere.
• Cultivate human talent.
• Embrace performance improvement.
• Build greatness through accountability.
• Use information to improve and advance.
• Communicate clearly and continuously.

Education and Experience

• The knowledge, skills and abilities as indicated below are normally acquired through the successful completion of a bachelor's degree in computer science, or related field. Must have strong project management skills. 2+ years of experience with Cyber Security and/or Security Operation Center Management. 5+ years of experience with administering Identity Access Management and Windows Active Directory platforms. Knowledge of Vendor Assessment review. Strong Analytical Skills. HCISPP, CISSP Certifications or DoD / Military equivalent(s)

Knowledge & Skills

• Experience with network information security methodologies.
• Experience in managing or supporting the product development lifecycle.
• Experience with the configuration and maintenance of network and computing infrastructure.
• Experience with Identity and Access Management Platforms.
• Experience with Microsoft Active Directory Build and Management.
• Experience with Cyber Advanced Threat Management Protocols.
• Knowledge of configuration management practices.
• Knowledge of Privileged Access Management platforms.
• Experience of Incident Response & Investigations process.

Working Conditions

• Works in an office environment.
• May be required to travel to off-site locations.
• May experience some mental/visual fatigue due to continued use of computer equipment.

Physical Demands

• Requires the physical ability and stamina to perform the essential functions of the position.