Information Security Specialist - REMOTE

Job Description Description PeaceHealth is seeking a Information Security Specialist for a Full Time, 1.00 FTE, Day position. Hourly compensation is $32.42 - $48.63; hiring rate dependent on qualifications and professional experience. PeaceHealth is committed to the overall wellbeing of our caregivers: physical, emotional, financial, social, and spiritual. We offer caregivers a competitive and comprehensive total rewards package. Some of the many benefits included in this package are full medical/dental/vision coverage; 403b retirement plan employer base and matching contributions; paid time off; employer-paid life and disability insurance with additional buyup coverage options; tuition and continuing education reimbursement; wellness benefits, and expanded EAP and mental health program. This is a fully remote role. Must live in Oregon, Washington, Alaska or Texas. Must be fully vaccinated for COVID-19 including 2 doses of a 2-dose series or 1 dose of a 1-dose series plus 14 days beyond the final dose prior to start date. Participates in the evaluation and implementation of information security-related policies, procedures, standards, controls, and technologies across PeaceHealth in collaboration with team members and caregivers from adjacent departments, such as Information Technology (IT), Compliance, Privacy, Legal, Communications and Operations. Contributes to the successful delivery of operational outcomes and administration of information security-related technology systems. Collects and organizes detailed information to support reporting and presentation requirements. Provides on-call after-hours support as assigned. POSITION DETAILS: Participates in the design, engineering, implementation and operation of information security processes, policies, procedures, standards, systems, and controls based on business and technical requirements. Analyzes data from information security technology sources, such as endpoint protection, intrusion detection, security event monitors and secure proxies, to identify potential threats and defend PeaceHealth against threats. Protects PeaceHealth's information and information systems by analyzing public and private information sources. Collaborates with information security, technology teams and business stakeholders to respond to and remediate identified vulnerabilities and gaps in security controls, policies, procedures, and standards. Contributes to the design and implementation of security response automation. Effectively communicates, shares, and escalates technical issues within the team. Assists and supports information security assessment activities in collaboration with technical and non-technical teams across the organization. Participates in information security work groups, providing information for project management, scheduling, coordination, follow up, status reports and report outs. Participates in security-related investigations and other information security requests across PeaceHealth. Updates information security team documentation. Promotes information security education and awareness policies, procedures, standards, and controls in collaboration with stakeholders across the organization. Contributes to the analysis, design, build and management of role-based access controls for users of applications and systems. Supports user access review processes. Gathers information related to reports and metrics (e.g., system/control metrics, status updates, risk assessment reports, remediation reports) to support information security measurement and reporting objectives. Provides support and assistance to caregivers across the organization related to information security related technology and programs. Provides on-call after-hours support on a rotational basis as assigned, including evenings, weekends, and holidays Performs other duties as assigned. WHAT YOU BRING: Associate degree in Computer Science, Healthcare Information Technology, or relevant field or equivalent knowledge and skills obtained through a combination of education, training, and experience required. Minimum of three (3) years of experience in IT, information security, compliance or a related field required; of which at least one year of experience in information security required. Healthcare experience preferred. One or more relevant information security-related certifications preferred. Examples include: CISSP, CISA, HCISPP, CCSP, CRISC, CISM, CGIH, GCFA, GNFA, GPEN, GSEC, CEH, and Epic Security Coordinator. KNOWLEDGE/SKILLS/ABILITIES: Ability to work independently and manage day-to-day assignments with routine supervision and guidance. Good written and oral communications skills. Ability to understand information in various forms such as textual, graphical, and statistical. Ability to collect and analyze data to guide decision making while under potentially intense pressure to address security incidents. Ability to work collaboratively with a broad range of constituencies and respond to their needs and collaborate effectively towards solutions. Ability to work on matters of high sensitivity and confidentiality with both professionalism and discretion. Awareness of common information security tools, such as endpoint protection, intrusion detection, security event monitors, secure proxies, firewalls, encryption, single sign-on, multi-factor authentication, etc. Awareness of common information security methodologies, such as incident response, risk management, data protection, identity and access management, role-based access control, etc. Awareness of cyber threats and vulnerabilities. Awareness of adversarial tactics and techniques. Awareness of cybersecurity, ethics, and privacy principles, along with related regulatory requirements and industry frameworks (e.g., NIST CSF). Awareness of government and other regulatory requirements for medical billing and benefit verification as they pertain to access and user management. SHARED SERVICES PHYSICAL/COGNITIVE REQUIREMENTS: Work requires fairly light physical exertion from up to 65% of the time. Ability to lift objects weighing 30 lbs. or less. Work is performed under normal working conditions with adequate lighting and ventilation. Job duties frequently require intense concentration and attention to detail (up to 65% of work time). See how PeaceHealth is committed to Inclusivity, Respect for Diversity and Cultural Humility. PeaceHealth is committed to the overall wellbeing of our caregivers: physical, emotional, financial, social, and spiritual. We offer caregivers a competitive and comprehensive total rewards package. Some of the many benefits included in this package are full medical/dental/vision coverage; 403b retirement plan employer base and matching contributions; paid time off; employer-paid life and disability insurance with additional buyup coverage options; tuition and continuing education reimbursement; wellness benefits, and expanded EAP and mental health program. For full consideration of your skills and abilities, please attach a current resume with your application. EEO Affirmative Action Employer/Vets/Disabled in accordance with applicable local, state, or federal laws.