The Security Analyst is a senior level position responsible for monitoring, evaluating, auditing and maintaining systems and procedures to protect our facilities, data systems and databases from unauthorized users. This position will play a major role on our team responsible for ensuring that Sinai Health System corporate security remains in compliance with all government and contractual requirements. This position identifies potential threats and responds to reported security violations, determines causes of security violations and recommends corrective actions to ensure data and facility security. This position also researches, recommends, and implements changes to procedures and systems to enhance data systems security, and assists in communicating security procedures to users. The Security Analyst reports to Sinai's Technology Services Director and works closely with the VP/Chief Information Officer and the VP of Compliance/Business Integrity. The Security Analyst possesses and applies a comprehensive knowledge of the principles, practices, and procedures related to data security to the completion of difficult assignments.
PRIMARY RESPONSIBILITIES: · Monitor security systems including Ironport (webfilter and DLP), Websense, Logic, AD Audit, ADManager · Regularly audit all general servers (500+) for appropriate security configuration · Audit new servers before releasing to production · Create and maintain security policies and procedures · Performs yearly HIPAA risk assessment and updates/maintains the remediation plan · Performs monthly user activity audits · Perform regular software vendor site and vendor VPN audits · Audit Sinai Health System Business Associates annually for compliance with security requirements. Include site visits to physical locations, interfaces and any VPN connections. · Audit Sinai user behavior for inappropriate access to patient information using automated tools. Investigate incidents as needed
REQUIREMENTS: · Bachelor's degree or equivalent experience. · 6 - 9 years of related professional experience in data security analysis and design with experience using data security tools and software. · Experience in several of the following areas is required: understanding of business security practices and procedures; knowledge of current security tools available; hardware/software security implementation; different communication protocols; encryption techniques/tools; familiarity with commercial products, and current Internet/EC technology. · Active Security certification such as Certified Information Security Manager (CISM), Certified Information Systems Security Professional (CISSP) or Certified Homeland Security Professional (CHSP) is ideal. · Experience developing, implementing, and conducting Information Security/Assurance programs, policies, processes, and procedures per various security frameworks/standards, e.g.: FISMA; OMB directives; NIST (SP-800 series); HIPAA; Privacy Act. · Experience with large-scale enterprise systems or projects is preferred. · Excellent written and oral communication skills and the ability to understand and communicate technical concepts in a compelling persuasive manner. · Strong, persuasive oral presentation skills for a wide variety of executive level audiences. · Capable of working under tight deadlines, with flexibility to work on several projects concurrently. · Health care experience preferred but not required.
Schwab Rehabilitation Hospital is a freestanding, not-for-profit, 102-licensed bed facility onChicago’s West and Southwest Side that offers comprehensive inpatient and outpatient programs foradults and children. Schwab is a proud member of Sinai Health System and the first fully licensed andaccredited rehabilitation hospital in the Midwest.Our therapists see patients through the entire continuum o...f care, from acute inpatient admissions atMount Sinai Hospital, to inpatient rehabilitation and outpatient therapy services at Schwab. We alsohave a hospital-based rehabilitation-focused short-term sub-acute unit at Schwab that provides boththerapy and nursing services with exceptional outcomes.Our rehabilitation team takes a holistic, interdisciplinary approach to address the physical, cognitiveand psychosocial needs of each patient. Each patient is assessed and provided with a personalized careplan tailored to help achieve maximal independence and function. Schwab offers seven treatmentgyms featuring private treatment rooms, a warm-water indoor therapy pool, and an award-winningtherapeutic roof top garden.