Information Systems Security Administrator II

DESCRIPTION OF POSITION:

• The Security Administrator II will implement and maintain the security systems of Lake Charles Memorial Hospital. This position will be responsible for preventing unauthorized access to our networks, responding to network breaches, and driving security policies. This role will manage and monitor network firewalls, web filtering, log aggregation, and implement network vulnerability scans on a regular basis.

RESPONSIBILITIES AND DUTIES:

• Create and manage a targeted information security awareness training program for all employees, contractors, and approved system users
• Develop the cyber strategies, technologies, policies and procedures to ensure missions are safe and compliant
• Create a risk-based process for the assessment and mitigation of any information security risks and incidents
• Develop secure business and communication practices
• Develop and lead the Computer Security Incident Response Team
• Develop and oversee effective disaster recovery policies and standards
• Conduct electronic discovery and digital forensic investigations
• Develop and lead information security strategies to stay ahead of increasing security threats
• Develop and implement information security measures to safeguard the organization and customer information against accidental or unauthorized modification, destruction, or disclosure
• Develop and implement cloud security strategies
• Implementation of incident response, threat intelligence, DLP/DR/BCP, IAM, information privacy, SOC management, security architecture, security policy/advocacy and risk assessments
• Facilitate an information security governance committee and formulate an information security advisory board
• Evaluate security products from vendors
• Ensure that the company is in regulatory compliance with the rules for relevant bodies
• Establish regular reporting for the information security program to enterprise risk teams
• Translate technical risks into interpretable organizational risks for a wide range of corporate audiences
• Identify, evaluate, and report on legal and regulatory, IT, and cybersecurity risk to information assets
• Ensure the confidentiality, availability, and integrity of information assets in compliance with industry laws, regulations, and regulatory guidance.
• Ensure the consistent application of policies and standards across all technology projects, systems, services, and contracts.
• Ensure that data privacy requirements are included in processes
• Ensure the company's data privacy is secure
• Work with vendors when designing, implementing, and finalizing projects.

The above statements are only meant to be a representative summary of the major duties and responsibilities performed by incumbents of this job. The incumbents may be requested to perform job-related tasks other than those stated in this description.

EDUCATION AND WORK EXPERIENCE

• Bachelor’s Degree in Information Security or other related field and 2 to 4 years of experience required.
• Proficiency with Cisco Firepower, IronPort, Umbrella, and AMP
• Ability to manage and implement SIEM products
• Strong vision, management, and sound execution capabilities.
• Ability to understand new laws and regulatory requirements and how they relate to security and compliance and present the overall risk to the organization.
• Experience in leading projects with diverse groups and locations.
• Strong multitasking abilities
• Ability to be approved for Sensitive Compartmented Information (SCI) access
• Communicate complicated security concepts to technical and nontechnical employees.
• Experience with risk management and auditing.
• Views security as an enabler, not an inhibitor to innovation.
• Security+, CISSP, CEH preferred
• CCNA Cyberops, PenTest+, CPENT highly valued

Physical Demands/Work Environment

• Capable of performing light to medium duty physical tasks.
• Must be able to remain in a stationary position for 50% of the time.
• The work environment may be physically confining.
• Must be able to exchange accurate information with patients, family, peers, and medical personnel.
• Must be free of all communicable disease and be up to date on immunizations.
• Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.