: Under the general supervision of the Director Information Services Security and within Lifespan policies and procedures, provides support in the implementation and monitoring of a consistent security plan across the Lifespan enterprise. Participates in the development, control, and security assessment of all Lifespan systems including, but not limited to: legacy applications, new applications, data centers, local area networks, wide area networks, firewall/proxy servers, telecommunication systems, help desk, technology center, and facility infrastructure.
- Bachelor's Degree in computer science or related field is required plus five years of progressively responsible related work experience.
- Relevant information security certification earned from organizations such as (ISC)2, GIAC or CompTIA are preferred.
- In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls and a general understanding of security principles as they apply to a large, complex health information network
- Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.
- Experience with common information security management frameworks, such as HITRUST, ITIL, COBIT and National Institute of Standards and Technology (NIST) frameworks.
- Knowledge of the fundamentals of project management, and experience with creating and managing project plans, including budgeting and resource allocation.
- In-depth knowledge of risk assessment methods and technologies.
- Proficiency in performing risk, business impact, control and vulnerability assessments.
- Excellent technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
- Experience in developing, documenting and maintaining security policies, processes, procedures and standards.
- Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.
- Audit, compliance or governance experience is preferred.
- Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
- Ability to interact with Lifespan's personnel at all levels and across all business units and organizations, and to comprehend business imperatives.
- Strong leadership abilities, with the capability to guide team members and to work with only minimal supervision.
- Strong written and verbal communication skills.
- A strong customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships.