New York Veterans Jobs

Department of Labor Careers

Job Information

Northwell Health Spclst Information Security in Melville, New York

Req Number 003C3Q

Job Description


POSITION SUMMARY

Reviews and documents security risk and controls surrounding enterprise information technologies, applications and services. Maintains policies, standards and procedures to align with information security frameworks and enterprise strategies. Supports the information security awareness and training program.

RESPONSIBILITIES

1. Perform application security reviews, vendor/business associate assessments, threat modeling and vulnerability analysis based on the NIST/HITRUST framework.

2. Oversee corrective action plan development, establish remediation priorities, and track status.

3. Provide information security subject matter expertise to developers, engineers, and workforce members on information security risk assessments, vulnerability remediation and threat detection techniques.

4. Maintain Information Security policies, standards and guidelines.

5. Develop and maintain security awareness and training materials to reinforce required security controls and address gaps noted in assessments.

6. Write technical reports based on security review findings and recommendations.

7. Performs other duties, as required.

*ADA Essential Functions

Qualifications


REQUIRED EXPERIENCE AND QUALIFICATIONS

* High School Diploma or equivalent, required and minimum of eight (8) years progressively responsible information technology risk management or security experience, required

OR

* Bachelor's Degree in Information Security or Audit or related field, required AND

* Minimum of five (5) years progressively responsible information security assessment or audit experience, required.

* Thorough knowledge and understanding of current information risk assessment techniques, required.

* Working knowledge of IT standards, federal and state compliance regulations, and security frameworks including HIPAA, HITRUST, NIST, ISO27001, and PCI-DSS, required.

* In-depth technical knowledge of Information Security principles and processes and experience writing/maintaining information security policies, standards and guidelines, required.

* Attention to detail, excellent writing, documentation, communication, presentation, customer service and interpersonal skills, and the ability to work with all levels of management, required.

* Healthcare environment, preferred.

* Certified in at least one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Security+, Global Information Assurance Certification (GIAC) or related certification, preferred.

DirectEmployers