Job Requirements

advertisement
The Childrens Hospital of Philadelphia
*Position Title:
*Position Type:
*Compensation:
*Start Date:
*Location:
Security Analyst II
Regular - Full Time
N/A
N/A
Philadelphia, PA
*Job Description
Job Responsibilities:
*Job Requirements
The responsibilities of an Information Security Analyst II encompass identical
responsibilities as an Information Security Analyst I, but with a greater degree of
complexity. An Information Security Analyst II also:
1. Participates in and/or develops departmental policies, standards and procedures,
including information security policies, procedures, checklists, and guidelines.
2. Participates in the development of document process workflows to support
departmental procedures/processes.
3. Participates in and supports the development and implementation of identified
information security solutions, including assisting in the review, test, and integration of
security tools.
4. Participates in the development of information security training materials for CHOP end
users and validates that CHOP personnel are aware of their responsibilities and
accountability as outlined in the security policies.
5. Participates in the development and maintenance of Ms Project, Access or Excel
databases to support security initiatives, including data mining and querying techniques.
6. Participates in risk analysis and risk assessment activities to support regulatory
requirements related to financial, healthcare industries or related accreditation
requirements (e.g., HIPAA Security and Privacy Rules)
7. Documents and supports user provisioning activities for application development and
maintenance projects such as translating user roles and profiles.
8. Facilitates analysis of security issues with respect to interfaces, databases, and other
related initiatives.
9. Supports the development of Corrective Action Plans (CAPs) for the remediation of
control deficiencies around information security, access control and segregation of duties.
10. Performs departmental project management duties such as time accounting and
status reporting.
Job Summary:
1. Demonstrates knowledge and proficiency in Information Security principles,
regulations, standards, risk management methodologies, and project management
principles.
2. Demonstrates data gathering techniques and the ability to troubleshoot information
security issues and develop solutions.
3. Exhibits knowledge of regulatory requirements for healthcare and financial system
controls.
4. Demonstrates proficiency in data mining and querying techniques.
5. Performs analysis to support decision making.
6. Collaborates, communicates effectively with clients and colleagues.
7. Exhibits the ability to articulate security policies, procedures, and guidelines to all levels
of management and staff.
8. Works with minimal supervision in support of team initiatives, and assists and educates
Information Security Analyst I personnel.
ISACA Philadelphia is not responsible for the content or accuracy of this job posting.
Template Version 1.1: 02/21/07
Page 1 of 3
* Skills &
Qualifications:
Required Education and Experience:
1. Bachelor’s degree in Computer Science, Information Systems, or related field required.
2. 3 – 6 years related work experience in information security, risk management or other
related field.
3. Demonstrates a knowledge and understanding of user provisioning processes on
various platforms, databases, systems, & applications (Active Directory, Oracle)
4. Knowledge of general and IT controls (e.g., access controls, risk management, change
management) and related information security policies and procedures.
5. Exhibits proven understanding of healthcare regulatory standards (HIPAA Privacy &
Security Rules).
6. Experience in Epic suite of products is a plus.
Required Certification:
1. Industry security certification required such as Certified Information Systems Auditor
(CISA) or other industry related or security certification.
Additional Technical Requirements:
1. Good knowledge of basic database query techniques & data mining to analyze data
(e.g., Excel, Express Query, SQL, Quickbase, Business Objects) or other related
database functionality.
2. Project management skills & experience with MS productivity tools (Access, Word,
PowerPoint, Visio, Project).
3. Knowledge of Microsoft Active Directory, and UNIX environments.
4. Experience implementing application level security in clinical and financial systems
(e.g., Epic, Lawson). ERP experience a plus (PeopleSoft, SAP).
5. General understanding of networking and communication techniques including WANs,
LANs, Internet, Intranet, protocols, such as TCP/IP and their impact on security.
Information Security Requirements:
1. Understand and comply with all enterprise and IS departmental information security
policies, procedures and standards.
2. Support the integration of information security in the development, design, and
implementation of Hospital Technology Resources that process, transmit, or store CHOP
information.
3. Support all compliance activities related to state, federal regulatory requirements,
healthcare accreditation standards, and all other applicable regulations that govern the
use and disclosure of patient, financial, or other confidential information.
Education:
Certification(s):
Travel:
All CHOP employees who work in a patient building or who provide patient care are
required to receive an annual influenza vaccine unless they are granted a medical or
religious exemption.
See above
See above
N/A
*Contact Information
Job
Reference
:
*Contact
Name:
Email
Address:
14-33254
N/A
N/A
ISACA Philadelphia is not responsible for the content or accuracy of this job posting.
Template Version 1.1: 02/21/07
Page 2 of 3
Telephone
:
Fax:
Website:
Company
Informatio
n:
N/A
N/A
https://www.chop.edu.apply2jobs.com/ProfExt/index.cfm?fuseaction=mExternal.showJob&RID=33
254&CurrentPage=1
All CHOP employees who work in a patient building or who provide patient care are required to
receive an annual influenza vaccine unless they are granted a medical or religious exemption.
The Children's Hospital of Philadelphia is committed to providing a safe and healthy environment
for its patients, family members, visitors and employees. In an effort to achieve this goal,
employment at The Children's Hospital of Philadelphia, other than for positions with regularly
scheduled hours in New Jersey, is contingent upon an attestation that the job applicant does not
use tobacco products or nicotine in any form and a negative nicotine screen (the latter occurs after
a job offer).
Special
Instructio
ns:
The Children's Hospital of Philadelphia is an equal opportunity employer. We do not discriminate
on the basis of race, color, gender, gender identity, sexual orientation, age, religion, national or
ethnic origin, disability or protected veteran status.
Please apply for this position at the link provided above.
ISACA Philadelphia is not responsible for the content or accuracy of this job posting.
Template Version 1.1: 02/21/07
Page 3 of 3
Download