Job Description
Location: Metro Med Plaza -13691 Metro ParkwayFort Myers FL 33912 (Hybrid)
Department: Compliance
Work Type: Full Time
Shift: Shift 1/8:00:00 AM to 4:30:00 PM
Minimum to Midpoint Pay Rate: $90,667.20 - $117,852.80 / Annual
Summary Lee Health is seeking a Senior Security Analyst who will be responsible for maintaining Governance, Risk, and Compliance functions as they relate to Cybersecurity in the Health System network.
This position will assist in ensuring all defined enterprise and end user security strategies, profiles, and security guidelines are followed. Areas of focus include, establishing and updating corporate GRC policies, creating and profiling a controls framework for measuring the organization, track discovered findings to ensure they are remediated or accepted by the business, derive metrics from GRC activities for distribution to various audiences, present metrics to senior leadership and interested parties, maintain a central risk register to capture cyber risks, regularly monitor organizational cyber risks, assist in necessary aspects of external audits/reviews, facilitate and coordinate on-site risk reviews. This position will also work closely with the Corporate Compliance/Information Security Team to ensure proper HIPAA regulations and industry best practice guidelines are followed regarding application and network access.
Additional responsibilities include: reviewing security needs and recommending solutions consistent with industry and organizational security best practices, contributing to IT incident response and disaster recovery planning and execution, creating and maintaining security reporting and monitoring, administering and monitoring key security stack technologies, such as DLP/ITM, and collaborating with process owners, internal auditors, external auditors, and other stakeholders in order to assist in reviewing, monitoring, and resolving findings.
The Senior Security Analyst will also serve as a subject matter expert to departments on issues of Information Security Compliance, including guidance and training, designing and implementing programs for user awareness, compliance monitoring, and security compliance.
This position will have a hybrid schedule.
JOB REQUIREMENTS Education Requirements:
MINIMUM EDUCATION REQUIRED: o A Bachelor's Degree from an accredited college or university with a concentration in Computer Science, Information Systems, or four (4) years of equivalent relevant work experience required.
Experience Requirements
MINIMUM EXPERIENCE REQUIRED : Five (5) years of progressively responsible IT/Compliance work experience with a focus in GRC required
3+ years of expertise conducting HIPAA audits/assessments, as well as handling audit responses
Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk
Thorough understanding of international regulatory frameworks like NIST, ISO, HIPAA, HITRUST, PCI DSS, and GDPR
Experience performing security reviews and risk assessments preferred
Experience with working with other stakeholders to link corporate IT, procurement, and privacy departments with GRC objectives
Strong analytical and problem-solving skills coupled with great attention to detail required
Strong knowledge on security technologies and solutions required
Experience managing security events/incidents/projects as part of a GRC team
Expert analytical and problem-solving skills coupled with great attention to detail. Ability to resolve complex problems, proactively monitors and pursues improvement in applicable process, technology and systems, and policies
Advanced expertise on security technologies and solutions and is able to identify any gaps in capabilities of various security solutions with security frameworks
Certifications/Registration Requirements: GSEC, SSCP, CISA, CISM, CISSP, or other industry certification preferred
Other:
Some after-hours work and periodic 24x7 on call support will be required
US:FL:Fort Myers
Job Tags
Full time, Work experience placement, Shift work,