Cyber Security Analyst II
Mass General Brigham (PHS)

Boston, Massachusetts

Posted in Health and Safety

This job has expired.

Job Info

About Us:

As a not-for-profit organization, Mass General Brigham is committed to supporting patient care, research, teaching, and service to the community by leading innovation across our system. Founded by Brigham and Women's Hospital and Massachusetts General Hospital, Mass General Brigham supports a complete continuum of care including community and specialty hospitals, a managed care organization, a physician network, community health centers, home care and other health-related entities. Several of our hospitals are teaching affiliates of Harvard Medical School, and our system is a national leader in biomedical research.

We're focused on a people-first culture for our system's patients and our professional family. That's why we provide our employees with more ways to achieve their potential. Mass General Brigham is committed to aligning our employees' personal aspirations with projects that match their capabilities and creating a culture that empowers our managers to become trusted mentors. We support each member of our team to own their personal development, and we recognize success at every step.

Our employees use the Mass General Brigham values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.

General Summary/Overview Statement

With guidance from the Cyber Security Risk Manager, assists with the Partners HealthCare enterprise-wide information security risk assessment program through active engagement with business owners including information gathering, risk analysis, and reporting. This is considered a mid-level position within the Risk Assessment Unit.

Principal Duties and Responsibilities

Coordinates and performs information system and third-party risk assessments, following a NIST-based methodology.

Works collaboratively with the Security Architects and the Security Engineering unit to define the controls necessary to close the gaps.

Works closely with IS management, business owners, end-users, and developers to implement risk identification and mitigation strategies and solutions that comply with IS security policies and standards.

Assists with the implementation of GRC technologies, including the implementation of automated risk assessment practices.

Implements risk assessment methods and approaches to increase compliance with documented policies and standards. Tracks progress against defined, agreed-upon plans to verify completion of remedial activities as needed.

Assists in developing report templates, creating formal risk assessment process documents, and delivering formal risk assessment reports to all levels of the business.

Coordinates with other functional units in the Partners HealthCare Information Security and Privacy Department in relation to application security testing and vulnerability management.

Advises on information security issues related to specific systems and supporting workflows.

Provides appropriate and timely problem identification, reporting, and escalation with recommended resolutions to IS Security leadership.

Maintains current knowledge of applicable federal and state privacy laws and accreditation standards, and monitors advancements in information privacy and security technologies to ensure adaptation and compliance.

Maintains awareness of new technologies and related opportunities for impact on system or application security.

Conducts information security research to keep abreast of the latest security issues, testing tools, techniques, and process improvements in support of security event detection and analysis.

Researches and advises on documented architectures and frameworks that describe and are used to manage and improve the technical security environment.

Uses the Partners HealthCare values to govern decisions, actions and behaviors. These values guide how we get our work done: Patients, Affordability, Accountability & Service Commitment, Decisiveness, Innovation & Thoughtful Risk; and how we treat each other: Diversity & Inclusion, Integrity & Respect, Learning, Continuous Improvement & Personal Growth, Teamwork & Collaboration.

Performs other duties as assigned.

Bachelor's degree in a technical field, or equivalent combination of education and experience.

Minimum of 5 years related experience, including:

3-5 years information system security in a health care environment preferred, including solid background with various technology areas, including networking, distributed applications, systems software, firewalls, and database management.

Strong technical background; understanding of security architecture, networking and system security controls

Previous/current experience working with tools and products such as firewalls, IDS/IPS, vulnerability scanning tools, penetration testing, system hardening, authentication, wireless tools, etc.

3 years project management experience using established methodologies and tools

1-3 years experience with risk assessment and compliance monitoring

Experience with HIPAA, HITECH, and the NIST 800-53/30 and FIPS series publications

Prior security consulting experience preferred, but not mandatory

Security certifications strongly preferred, such as CISSP, CISA, SANS certifications and CRISC

Skills/Abilities/Competencies Required

Ability to effectively communicate to individuals and groups at various professional levels (e.g., physicians and other care providers, managers and staff) in order to accomplish goals and objectives while maintaining good working, professional relationships

Ability to exhibit critical and "systems" thinking

Ability to apply, analyze, interpret and present data and findings that represent work performed for operations and strategic decision-making

Ability to present information clearly, concisely, accurately and in a manner that promotes understanding

Energetic, positive and has a "can do" attitude

Understand the work environment and competing priorities in conjunction with developing and meeting defined goals and objectives

Function as both an individual contributor and team player within Health Information Systems and the Partners Healthcare organization at large and have an ability to be versatile, adaptable, and work within a complex, multi-site environment.

Provide quality customer service and serve as an exemplary representative of Partners Information Systems.

Understand the flow of data through a complex architecture (networking, systems and database)

Strong written and verbal communication skills

Strong PC skills including Microsoft Office Suite

Strong organizational, multi-tasking, analytical and problem-solving skills

Strong project management and process improvement implementation skills

EEO Statement
Mass General Brigham is an Equal Opportunity Employer & by embracing diverse skills, perspectives and ideas, we choose to lead. All qualified applicants will receive consideration for employment without regard to race, color, religious creed, national origin, sex, age, gender identity, disability, sexual orientation, military service, genetic information, and/or other status protected under law.
