Intermountain Health
Cybersecurity Risk Assessor Senior
Intermountain Health, Nashville, Tennessee, United States, 37247
Job Description:
The Intermountain Cybersecurity Program is broken into four distinct functions: Governance Risk and Compliance, Cyber Solutions, Cyber Advisory and the Cyber Fusion Center. Cyber Caregivers within Intermountain will specialize in their specific area and function.
The Cybersecurity-Senior is responsible for designing, engineering, analyzing and/or assessing key elements of Intermountain’s cybersecurity program. Caregivers within this job code will support one of the following aspects of the cyber program: governance, risk and compliance activities, identity and access management, data, endpoint and application security, infrastructure and network security, cyber architecture and standards, reporting and analytics, project management and business liaising.
Senior-level professionals are experienced in all aspects of cybersecurity and/or IT systems. Typically designs and develops approaches that are implemented by others. Functions independently with minimal oversight and direction. May instruct and guide lower level technical professionals.
This role manages Intermountain Cybersecurity Risks by assessing and coordinating systemic cyber risks with key partners, suppliers, and third parties. The position requires strong communication and negotiation skills with non-technical staff in clinical and business settings, along with technical expertise to evaluate threats, recommend safeguards, allocate resources, and oversee implementation of safeguards. Responsibilities include conducting technical assessments of cloud software, medical devices, and hardware to ensure appropriate design and effective security measures.
Please note that a video interview through Microsoft Teams will be required as well as potential onsite interviews and meetings.
We are committed to offering flexible work options where approved and stated in the job posting. However, we are currently
not
considering candidates who reside or plan to reside in the following states:
California, Connecticut, Hawaii, Illinois, New York, Rhode Island, Vermont, and Washington.
Essential Functions Experienced in cyber specific functions that could entail any one of the following:
Technical configuration, engineering, management and monitoring
Risk analysis, corrective action planning, policy development
Cyber threat modeling and assessment
Policy, procedure and guidance development
Architectural design, standards and documentation
Server administration and scripting
Data compiling, analytics and reporting
Cloud operations, cloud security and DevSecOps
Automation principles and how they can be applied in IT environments
Serves as experienced resource on incident and task management work for the delivery of cybersecurity services. Serves as a subject matter expert and primary member for project delivery tasks. Experienced in Cybersecurity industry practices. Experienced in high level IT principles and processes, such as networking, service management, ITIL and applications. Receives and responds to incoming calls, pages and/or e-mails. Schedules and performs improvements, upgrades and repairs as assigned. Ability to effectively prioritize/execute tasks in a high-pressure environment.
Skills
Communication
Time management
Accountability
Reliability
Professionalism
Collaboration
Critical thinking
Problem solving
Prioritization
Experienced in cybersecurity technologies and information systems
Qualifications Minimum Qualifications
Bachelor’s degree through an accredited institution or Intermediate level cybersecurity certification, such as SANS 500+ Series, CISA, or CISM
5-8 years of related work experience
Experienced skills in cybersecurity technologies, systems and processes
Advanced Troubleshooting skills
Experienced skill in analysis, attention to detail, problem resolution, judgment, and decision-making
Experienced skill in communication, presentation, and collaboration
Preferred Qualifications
Advanced cybersecurity certification such as a CISSP or SANS 500+ series
Depending on the roles focus:
Experienced attestation and certification methodologies, such as SOC2
Experienced in scripting and automation
Experienced understanding cybersecurity assessment tools/techniques
Understanding of Hospital workflow, critical functions, systemic processes.
Has experience assessing and managing supply chain risk and the risk of third-party suppliers and partners.
Physical Requirements
Interact with others requiring the employee to communicate information.
Operate computers and other IT equipment requiring the ability to move fingers and hands.
See and read computer monitors and documents.
Remain sitting or standing for long periods of time to perform work on a computer, telephone, or other equipment.
Location Lake Park Building
Work City West Valley City
Work State Utah
Scheduled Weekly Hours 40
The hourly range for this position is listed below. Actual hourly rate dependent upon experience.
$48.76 - $76.76
We care about your well-being – mind, body, and spirit – which is why we provide our caregivers a generous benefits package that covers a wide range of programs to foster a sustainable culture of wellness that encompasses living healthy, happy, secure, connected, and engaged.
Learn more about our comprehensive benefits package here (https://intermountainhealthcare.org/careers/benefits).
Intermountain Health is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
At Intermountain Health, we use the artificial intelligence ("AI") platform, HiredScore to improve your job application experience. HiredScore helps match your skills and experiences to the best jobs for you. While HiredScore assists in reviewing applications, all final decisions are made by Intermountain personnel to ensure fairness. We protect your privacy and follow strict data protection rules. Your information is safe and used only for recruitment. Thank you for considering a career with us and experiencing our AI-enhanced recruitment process.
All positions subject to close without notice.
#J-18808-Ljbffr
The Cybersecurity-Senior is responsible for designing, engineering, analyzing and/or assessing key elements of Intermountain’s cybersecurity program. Caregivers within this job code will support one of the following aspects of the cyber program: governance, risk and compliance activities, identity and access management, data, endpoint and application security, infrastructure and network security, cyber architecture and standards, reporting and analytics, project management and business liaising.
Senior-level professionals are experienced in all aspects of cybersecurity and/or IT systems. Typically designs and develops approaches that are implemented by others. Functions independently with minimal oversight and direction. May instruct and guide lower level technical professionals.
This role manages Intermountain Cybersecurity Risks by assessing and coordinating systemic cyber risks with key partners, suppliers, and third parties. The position requires strong communication and negotiation skills with non-technical staff in clinical and business settings, along with technical expertise to evaluate threats, recommend safeguards, allocate resources, and oversee implementation of safeguards. Responsibilities include conducting technical assessments of cloud software, medical devices, and hardware to ensure appropriate design and effective security measures.
Please note that a video interview through Microsoft Teams will be required as well as potential onsite interviews and meetings.
We are committed to offering flexible work options where approved and stated in the job posting. However, we are currently
not
considering candidates who reside or plan to reside in the following states:
California, Connecticut, Hawaii, Illinois, New York, Rhode Island, Vermont, and Washington.
Essential Functions Experienced in cyber specific functions that could entail any one of the following:
Technical configuration, engineering, management and monitoring
Risk analysis, corrective action planning, policy development
Cyber threat modeling and assessment
Policy, procedure and guidance development
Architectural design, standards and documentation
Server administration and scripting
Data compiling, analytics and reporting
Cloud operations, cloud security and DevSecOps
Automation principles and how they can be applied in IT environments
Serves as experienced resource on incident and task management work for the delivery of cybersecurity services. Serves as a subject matter expert and primary member for project delivery tasks. Experienced in Cybersecurity industry practices. Experienced in high level IT principles and processes, such as networking, service management, ITIL and applications. Receives and responds to incoming calls, pages and/or e-mails. Schedules and performs improvements, upgrades and repairs as assigned. Ability to effectively prioritize/execute tasks in a high-pressure environment.
Skills
Communication
Time management
Accountability
Reliability
Professionalism
Collaboration
Critical thinking
Problem solving
Prioritization
Experienced in cybersecurity technologies and information systems
Qualifications Minimum Qualifications
Bachelor’s degree through an accredited institution or Intermediate level cybersecurity certification, such as SANS 500+ Series, CISA, or CISM
5-8 years of related work experience
Experienced skills in cybersecurity technologies, systems and processes
Advanced Troubleshooting skills
Experienced skill in analysis, attention to detail, problem resolution, judgment, and decision-making
Experienced skill in communication, presentation, and collaboration
Preferred Qualifications
Advanced cybersecurity certification such as a CISSP or SANS 500+ series
Depending on the roles focus:
Experienced attestation and certification methodologies, such as SOC2
Experienced in scripting and automation
Experienced understanding cybersecurity assessment tools/techniques
Understanding of Hospital workflow, critical functions, systemic processes.
Has experience assessing and managing supply chain risk and the risk of third-party suppliers and partners.
Physical Requirements
Interact with others requiring the employee to communicate information.
Operate computers and other IT equipment requiring the ability to move fingers and hands.
See and read computer monitors and documents.
Remain sitting or standing for long periods of time to perform work on a computer, telephone, or other equipment.
Location Lake Park Building
Work City West Valley City
Work State Utah
Scheduled Weekly Hours 40
The hourly range for this position is listed below. Actual hourly rate dependent upon experience.
$48.76 - $76.76
We care about your well-being – mind, body, and spirit – which is why we provide our caregivers a generous benefits package that covers a wide range of programs to foster a sustainable culture of wellness that encompasses living healthy, happy, secure, connected, and engaged.
Learn more about our comprehensive benefits package here (https://intermountainhealthcare.org/careers/benefits).
Intermountain Health is an equal opportunity employer. Qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.
At Intermountain Health, we use the artificial intelligence ("AI") platform, HiredScore to improve your job application experience. HiredScore helps match your skills and experiences to the best jobs for you. While HiredScore assists in reviewing applications, all final decisions are made by Intermountain personnel to ensure fairness. We protect your privacy and follow strict data protection rules. Your information is safe and used only for recruitment. Thank you for considering a career with us and experiencing our AI-enhanced recruitment process.
All positions subject to close without notice.
#J-18808-Ljbffr