Location: Chicago, IL
- Conduct cybersecurity/security audits and assessments related to regulatory requirements and internal policies and standards.
- Identify cybersecurity risks related to medical equipment, applications, and systems, and offer recommendations on mitigation and remediation.
- Perform security and vulnerability assessments of infrastructure and systems.
- Perform monitoring activities as part of enterprise security operations.
- Research new technologies and emerging risks for proactive planning.
- Conduct investigations, identify root causes, document results, and propose remediation options.
- Monitor alerts, notifications, and other security application logs for anomalies.
- Participate in incident response.
- Make recommendations for policy changes pertaining to information security as business needs change and applications are enhanced.
- Complete appropriate security documentation to comply with policies and meet internal and external auditor expectations.
- Promote the goals, expectations, and policies of the department and organization.
- Recommend viable solutions to improve systems and processes.
- Engage and support clinical and technical customers as part of security outreach, customer service, and for investigations.
- 4-year college degree in liberal arts or computer science.
- Knowledge of HIPAA and PCI regulations, as well as the NIST Cybersecurity Framework (CSF).
- Technical knowledge of networks, operating systems, databases, and applications, including advanced knowledge of application and operating system security and controls.
- Excellent technical troubleshooting, investigational, and problem solving skills.
- Demonstrated, hands-on experience with security and network operations tools, utilities, and applications, including manual and automated monitoring and auditing tools and techniques.
- Demonstrated ability to perform audits of information systems and security configuration/standards.
- Demonstrated ability to solve highly complex technical problems.
- Excellent written and verbal communication skills and the expertise to translate technical terminology into terms understandable by management, department heads and performance level personnel.
- High degree of motivation with the ability to work alone and in a team setting.
- Good verbal and written communication skills with a strong customer service orientation.
- Knowledge of healthcare applications, trends and industry standards a plus.