Children’s Hospital of Philadelphia
*Position Title:
*Position Type:
*Compensation:
*Start Date:
*Location:
Security Analyst II
Full-time
n/a
n/a
Philadelphia, PA
*Job Description
Job Responsibilities:
*Job Requirements
The responsibilities of an Information Security Analyst II encompass identical responsibilities as an
Information Security Analyst I, but with a greater degree of complexity. An Information Security
Analyst II also:
1. Participates in and/or develops departmental policies, standards and procedures, including
information security policies, procedures, checklists, and guidelines.
2. Participates in the development of document process workflows to support departmental
procedures/processes.
3. Participates in and supports the development and implementation of identified information
security solutions, including assisting in the review, test, and integration of security tools.
4. Participates in the development of information security training materials for CHOP end users
and validates that CHOP personnel are aware of their responsibilities and accountability as outlined
in the security policies.
5. Participates in the development and maintenance of Ms Project, Access or Excel databases to
support security initiatives, including data mining and querying techniques.
6. Participates in risk analysis and risk assessment activities to support regulatory requirements
related to financial, healthcare industries or related accreditation requirements (e.g., HIPAA
Security and Privacy Rules)
7. Documents and supports user provisioning activities for application development and
maintenance projects such as translating user roles and profiles.
8. Facilitates analysis of security issues with respect to interfaces, databases, and other related
initiatives.
9. Supports the development of Corrective Action Plans (CAPs) for the remediation of control
deficiencies around information security, access control and segregation of duties.
10. Performs departmental project management duties such as time accounting and status
reporting.
Job Summary:
* Skills &
Qualifications:
1. Demonstrates knowledge and proficiency in Information Security principles, regulations,
standards, risk management methodologies, and project management principles.
2. Demonstrates data gathering techniques and the ability to troubleshoot information security
issues and develop solutions.
3. Exhibits knowledge of regulatory requirements for healthcare and financial system controls.
4. Demonstrates proficiency in data mining and querying techniques.
5. Performs analysis to support decision making.
6. Collaborates, communicates effectively with clients and colleagues.
7. Exhibits the ability to articulate security policies, procedures, and guidelines to all levels of
management and staff.
8. Works with minimal supervision in support of team initiatives, and assists and educates
Information Security Analyst I personnel.
Required Education and Experience:
1. Bachelor’s degree in Computer Science, Information Systems, or related field required.
2. 3 – 6 years related work experience in information security, risk management or other related
field.
3. Demonstrates a knowledge and understanding of user provisioning processes on various
platforms, databases, systems, & applications (Active Directory, Oracle)
4. Knowledge of general and IT controls (e.g., access controls, risk management, change
management) and related information security policies and procedures.
5. Exhibits proven understanding of healthcare regulatory standards (HIPAA Privacy & Security
Rules).
6. Experience in Epic suite of products is a plus.
ISACA Philadelphia is not responsible for the content or accuracy of this job posting.
Template Version 1.1: 02/21/07
Page 1 of 2
Required Certification:
1. Industry security certification required such as Certified Information Systems Auditor (CISA) or
other industry related or security certification.
Additional Technical Requirements:
1. Good knowledge of basic database query techniques & data mining to analyze data (e.g., Excel,
Express Query, SQL, Quickbase, Business Objects) or other related database functionality.
2. Project management skills & experience with MS productivity tools (Access, Word, PowerPoint,
Visio, Project).
3. Knowledge of Microsoft Active Directory, and UNIX environments.
4. Experience implementing application level security in clinical and financial systems (e.g., Epic,
Lawson). ERP experience a plus (PeopleSoft, SAP).
5. General understanding of networking and communication techniques including WANs, LANs,
Internet, Intranet, protocols, such as TCP/IP and their impact on security.
Information Security Requirements:
1. Understand and comply with all enterprise and IS departmental information security policies,
procedures and standards.
2. Support the integration of information security in the development, design, and implementation of
Hospital Technology Resources that process, transmit, or store CHOP information.
3. Support all compliance activities related to state, federal regulatory requirements, healthcare
accreditation standards, and all other applicable regulations that govern the use and disclosure of
patient, financial, or other confidential information.
All CHOP employees who work in a patient building or who provide patient care are required to
receive an annual influenza vaccine unless they are granted a medical or religious exemption.
The Children's Hospital of Philadelphia is committed to providing a safe and healthy environment for
its patients, family members, visitors and employees. In an effort to achieve this goal, employment
at The Children's Hospital of Philadelphia, other than for positions with regularly scheduled hours in
New Jersey, is contingent upon an attestation that the job applicant does not use tobacco products
or nicotine in any form and a negative nicotine screen (the latter occurs after a job offer).
The Children's Hospital of Philadelphia is an equal opportunity employer. We do not discriminate on
the basis of race, color, gender, gender identity, sexual orientation, age, religion, national or ethnic
origin, disability or protected veteran status.
Education:
Certification(s):
Travel:
Job Reference:
*Contact Name:
Email Address:
Telephone:
Fax:
Website:
Company
Information:
Special Instructions:
See job requirements.
See job requirements.
n/a
*Contact Information
14-33254
TJ Hoopes
n/a
n/a
n/a
http://www.chop.edu/careers/index.html
Since its start in 1855 as the nation's first hospital devoted exclusively to caring for children, The
Children's Hospital of Philadelphia has been the birthplace for many dramatic firsts in pediatric
medicine. The Hospital has fostered medical discoveries and innovations that have improved
pediatric healthcare and saved countless children’s lives. Over 150 years of innovation and service to
our patients, their families and our community, reflect an ongoing commitment to exceptional patient
care
To apply for this position, visit:
https://www.chop.edu.apply2jobs.com/ProfExt/index.cfm?fuseaction=mExternal.showJob&RID=
33254&CurrentPage=1
ISACA Philadelphia is not responsible for the content or accuracy of this job posting.
Template Version 1.1: 02/21/07
Page 2 of 2