Employment Type:

Full time

Shift:

Description:

POSITION PURPOSE

• Provides information security knowledge and skills in managing the administration of information security services under general guidance. Serves as a specialist in one or more specific information security domains, including:
• Risk Assessments (Projects or Programs)
• Data Loss Prevention
• User Access Reviews
• Regulatory Compliance; i.e. PCI
• Security Reporting Tracking & Tools: i.e Archer
• Vulnerability Scanning & Mitigation
• eDiscovery and Forensics
• Incident Response Coordination
• Communications and Awareness
• Assists and supports the Enterprise Information Security (EIS) Directors and Regional Health Ministry (RHM) Information Security Managers in ensuring all projects and services meet Trinity Health Information Security and regulatory standards while delivering business requirements. Establishes and operates information security reporting procedures to validate that security controls remain in place. Acts as an advocate and resource on information security for various Regional Health Ministry (RHM) areas and/or system-wide initiatives. Assists the business owners of various information resources in addressing security issues.

ESSENTIAL FUNCTIONS

• Knows, understands, incorporates and demonstrates the Trinity Health (TH) Mission, Vision and Values in behaviors, practices and decisions.
• Provides technical consultation and assistance in identifying, evaluating and documenting use of systems and other related services to ensure compliance with EIS policies.
• Reviews various system and technical documents and applies security templates. Defines security configuration and operational standards for security systems and applications.
• Interacts with vendors to ensure a cohesive client-vendor relationship that maintains and upholds services in the best interest of Trinity Health.
• Contributes to the creation of department procedures, standards and documentation for all information security services. Utilizes excellent verbal and written communication skills.
• Represents the EIS Director, when applicable, on EIS matters as well as serve as EIS liaison with RHM Security and Privacy Officials.
• Participates in the development and promotion of Information Security information for general awareness.
• Participates in site-specific meetings. Participates in the creation of the development and implementation of annual objectives and tactical plans to achieve strategic planning initiatives. Monitors or enforces security policies, procedures and standards to ensure conformance with TIS objectives.
• Maintains a working knowledge of applicable Federal, State and local laws/regulations; the Trinity Health Integrity and Compliance Program and Code of Conduct; as well as other policies and procedures in order to ensure adherence in a manner that reflects honest, ethical and professional behavior.

MINIMUM QUALIFICATIONS

• Bachelor’s degree or an equivalent combination of education and experience.
• Minimum of three (3) years of progressive experience in Information Services including one (1) year in information security, including experience in compliance with federal and state security regulations
• Certified Information Systems Security Professional (CISSP), International Social Security Association ( ISSA ), Certified Information Systems Auditor (CISA) or equivalent preferred.
• Must possess a general understanding of enterprise security best practices relating to implementing and managing enterprise security solutions.
• Working knowledge of one or more information security regulations and/or frameworks; i.e. HIPAA, ISO 27001/2, FISMA, FIPS, and NIST security.
• Experience with administrative and technical assessments as well as enforcing organizational compliance.
• Must be team oriented, supportive, and committed to excellence and possess high level of initiative and self-motivation with demonstrated work ethic.
• Must be committed to continual personal and professional growth, possess a pro-active approach with a willingness to “go the extra mile” every time for the customer.
• Ability to work under general direction, manage multiple priorities and to effectively adapt to rapidly changing technology and business needs with demonstrated ability to prioritize projects and work load.
• A personal presence which is characterized by a sense of honesty, integrity and caring with the ability to inspire and motivate others to promote the philosophy, mission, vision, goals and values of Trinity Health.

PHYSICAL AND MENTAL REQUIREMENTS AND WORKING CONDITIONS

• Must be able to adapt to frequently changing work priorities, and be able to prioritize and balance the requirements of working with multiple members of the Enterprise Information Security team.
• Must be able to communicate frequently, in person and over the phone, with people in a number of different locations on technical issues.
• Manual dexterity is needed in order to operate a keyboard. Hearing is needed for extensive telephone and in person communication.
• Must be able to travel to the various Trinity Health sites (25%).

The above statements are intended to describe the general nature and level of work being performed by persons assigned to this classification. They are not to be construed as an exhaustive list of duties so assigned.

Our Commitment to Diversity and Inclusion

Trinity Health is one of the largest not-for-profit, Catholic healthcare systems in the nation. Built on the foundation of our Mission and Core Values, we integrate diversity, equity, and inclusion in all that we do. Our colleagues have different lived experiences, customs, abilities, and talents. Together, we become our best selves. A diverse and inclusive workforce provides the most accessible and equitable care for those we serve. Trinity Health is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, status as a protected veteran, or any other status protected by law.