Senior Information Security Specialist – Security Operations

Full Time
Remote
Job description

Typical pay range: $41.68 - $57.31

ST. CHARLES HEALTH SYSTEM

JOB DESCRIPTION

TITLE: Senior Information Security Specialist - Security Operations

REPORTS TO POSITION: Chief Information Security Officer

DEPARTMENT: Information Security

DATE LAST REVIEWED: December 2022

OUR VISION: Creating America's healthiest community, together

OUR MISSION: In the spirit of love and compassion, better health, better care, better value

OUR VALUES: Accountability, Caring and Teamwork

DEPARTMENT SUMMARY: St. Charles Health System's Information Security department is responsible for protecting St. Charles's physical and electronic regulated and confidential information. This is accomplished by identifying and assessing technical, physical, and administrative threats and vulnerabilities and then advising on how to mitigate the risks. The Information Security department is led by the Chief Information Security Officer (CISO) who reports to the SVP Chief Legal and Risk Officer.

POSITION OVERVIEW: The Senior Information Security Specialist (ISS) - Security Operations uses data collected from a variety of cyber defense tools (e.g., IDS alerts, firewalls, network traffic logs, O365, MDR partner) to analyze events that occur within their environment for the purposes of identifying and mitigating threats. This position demonstrates familiarity and experience with the technical and regulatory security and privacy requirements relating to healthcare operations, as well as the ability to communicate effectively with, and coordinate the efforts of, technology, operational, and support personnel. Additionally, this position supports information security initiatives such as data loss protection, vulnerability management, internet of things (IoT)/operational technology (OT), and implementation of the Center for Internet Security's Critical Security Controls. This position does not directly manage other caregivers.

ESSENTIAL FUNCTIONS AND DUTIES:

Characterizes and analyzes network traffic to identify anomalous activity and potential threats to network resources.

Coordinates with enterprise-wide cyber defense staff to validate network alerts.

Documents and escalates incidents (including event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment.

Conducts research, analysis, and correlation across a wide variety of all source data sets (indications and warnings).

Performs cyber defense trend analysis and reporting.

Provides timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguishes these incidents and events from benign activities.

Uses cyber defense tools for continual monitoring and analysis of system activity to identify malicious activity.

Analyzes identified malicious activity to determine weaknesses exploited, exploitation methods, and effects on system and information.

Determines tactics, techniques, and procedures (TTPs) for intrusion sets.

Identifies and analyzes anomalies in network traffic using metadata.

Reconstructs a malicious attack or activity based off network traffic.

Assesses and monitors cybersecurity related to system implementation and testing practices.

Works with stakeholders to resolve computer security incidents and vulnerability compliance.

Identifies, evaluates, and reports to the CISO on information security risks in a manner that meets compliance and regulatory requirements, and aligns with and supports the information security risk posture of the enterprise.

Proactively works with business units to implement practices that meet defined policies and standards for information security.

Works with the CISO to determine acceptable levels of information security risk for the organization.

Supports the vision, mission, and values of the organization in all respects.

Supports Lean principles of continuous improvement with energy and enthusiasm, functioning as a champion of change.

Provides and maintains a safe environment for caregivers, patients, and guests.

Conducts all activities with the highest standards of professionalism and confidentiality. Complies with all applicable laws, regulations, policies, and procedures, supporting the organization's corporate integrity efforts by acting in an ethical and appropriate manner, reporting known or suspected violation of applicable rules, and cooperating fully with all organizational investigations and proceedings.

Delivers customer service and/or patient care in a manner that promotes goodwill, is timely, efficient, and accurate.

May perform additional duties of similar complexity within the organization, as required or assigned.

EDUCATION:

Required: Bachelor's Degree in Information Technology, Cybersecurity, or other discipline, or a combination of education and experience that will enable performance of the full scope of the position.

Preferred: Master's degree in IT, Computer Science or Cybersecurity.

LICENSURE/CERTIFICATION/REGISTRATION:

Required: If not already acquired, must earn one of the following information security certifications within 12 months of hire: relevant Global Information Assurance Certification (GIAC), OWASP, or other related professional security management certification focused on security operations, threat analysis, and monitoring.

Preferred: N/A

EXPERIENCE:

Required: Six (6) years information security operations experience.

Preferred: Demonstrated experience with: Microsoft O365, Rapid7 managed detection and response platform, cloud security, OWASP, NIST Cyber Security Framework, Center for Internet Security's Critical Security Controls, data loss protection.

PERSONAL PROTECTIVE EQUIPMENT:

Must be able to wear appropriate Personal Protective Equipment (PPE) required to perform the job safely.

ADDITIONAL POSITION INFORMATION:

General:

Communication/Interpersonal

Must have excellent communication skills and ability to interact with a diverse population and professionally represent the Information Security department.

Strong in person and remote environment team working and collaborative skills.

Effectively reach consensus with a diverse population with differing needs.

Manage facilitation and consensus building among health care professionals and agencies and achieve expected results.

Work under pressure in a fast-paced environment.

Organizational

Multi-task and work independently.

Attention to detail.

Demonstrated organizational skills, written and oral communication and customer service skills, particularly in dealing with stressful personal interactions.

Strong analytical, problem solving and decision-making skills.

Computer

Intermediate to advanced proficiency in Microsoft applications (Outlook, Word) and Adobe Acrobat.

PHYSICAL REQUIREMENTS:

Continually (75% or more): Use of clear and audible speaking voice and the ability to hear normal speech level.

Frequently (50%): Sitting, standing, walking, lifting 1-10 pounds, keyboard operation.

Occasionally (25%): Bending, climbing stairs, reaching overhead, carrying/pushing, or pulling 1-10 pounds, grasping/squeezing.

Rarely (10%): Stooping/kneeling/crouching, lifting, carrying, pushing, or pulling 11-15 pounds, operation of a motor vehicle.

Never (0%): Climbing ladder/stepstool, lifting/carrying/pushing, or pulling 25-50 pounds, ability to hear whispered speech level.

Exposure to Elemental Factors

Never (0%): Heat, cold, wet/slippery area, noise, dust, vibration, chemical solution, uneven surface.

Blood-Borne Pathogen (BBP) Exposure Category

No Risk for Exposure to BBP

Schedule Weekly Hours:

40

Caregiver Type:

Regular

Shift:

First Shift (United States of America)

Is Exempt Position?

Yes

Job Family:

SPECIALIST INFORMATION SECURITY

Scheduled Days of the Week:

Monday-Friday

Shift Start & End Time:

0800-1700
