Job Description Grow your career at Cedars-Sinai! The Enterprise Information Services (EIS) team at Cedars-Sinai understands that true clinical transformation and the optimization of a clinical information systems implementation is fueled through the alignment of the right people, processes, and technologies. Cedars-Sinai has once again solidified its position as a global healthcare technology leader, receiving top accolades in not one but two prestigious surveys. Why work here? Cedars-Sinai placed in the top 20 on Newsweek’s “World’s Best Smart Hospitals 2024” list, which highlights hospitals that have excelled in the utilization of electronic functionalities, telemedicine, digital imaging, artificial intelligence and robotics. The organization’s Healthtech excellence was acknowledged again, this time by the esteemed “CHIME Digital Health Most Wired” recognition program. Cedars-Sinai was assigned a Level 10-the most prestigious level of certification-among more than 300 surveyed healthcare organizations. Cedars-Sinai netted high scores across multiple domains and particularly excelled in the areas of infrastructure, interoperability, and population health innovation. What will you be doing in this role: The Cybersecurity Specialist is responsible for supporting, creating, and implementing of security architectures and secure application designs for information systems. This includes assisting application developers/support teams with secure application design, planning and integration. Conduct security architecture reviews, provides secure application/infrastructure solutions, designing/implementing mechanisms & programs that restrict access of malicious intent or other unauthorized users. Introducing new security methods/technologies for integration with existing technical architectures, frameworks, implementation planning, documentation of standard methodologies, and templates. Assessing security threats/risks and recommend/assist in the delivery of solutions to mitigate risks. Participating in the creation and administration of data security policies, procedures, and standards. Participating in access audits and conducting computing forensics. Participate in the creation and maintenance of data and network security policies and procedures. Provide system assurance and security oversight in EIS change control process; review and evaluate risks of submitted changes and impact to the security of CSMC network and systems. Review logs from intrusion detection and monitoring systems; conduct correlation analysis and take action accordingly. Facilitate external third-party assurance reviews to assess networks (internal, external, wireless, etc.). Work with technical teams to facilitate & promote security incident response procedures, address monitoring concerns, and identification of criteria for audit reporting. Conduct on-demand forensics analysis and review of compromised systems and/or systems used in potential un-secure and un-trusted manner. Conduct periodic review and scanning of: DMZ assets, critical servers, internal/external, and wireless networks. Develop security metrics and reporting on security monitoring efforts. Use security monitoring tools to evaluate and improve the security of organization systems and network. Maintain and support the security tools suite to ensure logged data fidelity and integrity. Qualifications Experience Requirements: Two (2)+ years’ as a cybersecurity specialist with experience in solution design, deployment, and operations in desktop, server, network and server technologies. Demonstrated understanding of computer/network security, operating systems (UNIX/LINUX, Windows and NT) LAN/WAN networking protocols such as: TCP/IP, routing, firewalls, IDS/IPS, PKI and encryption. Solid grasp in Information Classification, Network security protocols, methods and technologies, Application and Web Layer Security (Web 2.0, Secure Messaging, Secure Protocols), Continuity of operations planning and disaster recovery strategies and architectures, and Identity Access Management and Access Control. Experience with regulatory and compliance information security frameworks, standards and best practices (NIST, ITIL, HIPAA, PCI-DSS, ISO 27000 series, etc.). Educational/Certification Requirements: Bachelor’s Degree in Computer Science, Information Technology, or related field. (preferred) CISSP (Certified Information Systems Security Professional) certificate. (can be acquired within first 6 months).
- Jobs-Indeed
- LI-Hybrid
- J-18808-Ljbffr
Windows-NT Intrusion Detection System (IDS) Unix itil Intrusion Prevention System (IPS) HIPAA Linux PCI DSS Certified Information Systems Security Professional (CISSP) TCP/IP pki Windows Cybersecurity