Junior Security Analyst

Dice is the leading career destination for tech experts at every stage of their careers. Our client, GHR Healthcare, is seeking the following. Apply via Dice today!

Must live in Columbus or within a one hour radius. The role is mainly remote but will be required onsite for specific meetings.

This is a junior level role (1-4 years of IT Security Experience)

Must have healthcare industry experience (HIPAA and PCI guideline knowledge is a must)

Responsible for performing risk assessments on internally and externally hosted applications. Identifying, remediating and communicating application level risk to the organization. The Information Security team within OSUMC IT Technology Services and Support is committed to assisting The Ohio State University Medical Center (OSUMC) and its patients.

Responsible for completing OSUWMC application risk assessments, 3rd party risk assessments, and control / compliance assessments. The individual will work with other teams within OSUWMC IT to provide security expertise when needed. Responsible for documenting and improving risk management process.

The duties of this position are performed with some review and supervision. Most assignments will be completed independently and are subject to periodic review and approval.

• Under general direction performs routine risk assessments and security control evaluations.

• Under general supervision assesses the risk of applications for the organization.
• Under general direction or guidance completes 3rd party risk assessments.
• Under general direction assists with data classification and data governance standards.
• Under general direction conducts routine assessments of information security controls and business practices
• Under general direction executes technical analysis functions to ensure all applicable IS security requirements are met
• Under general direction audits computer access to ensure that appropriate controls exist, that processing is efficient and accurate, and that systems and procedures are in compliance with IT security standards.
• Under general direction assists in the maintenance of Identity & Access Management concepts including legal & regulatory compliance requirements as needed.
• Supports the Security Officer and Privacy Officer with investigations.

• Assists in project consultations for the development, implementation and administration of infrastructure security devices and tools such as access controls, firewalls, IPS and authentication devices.
• Assists in the evaluation of acquisition requests for compatibility with the security architecture.
• Assists in the development and implementation of technical security standards.
• Coordinates with IT staff to enforce information security policies, standards, and procedures.
• Assists IT staff by providing security specifications for vendor products
• May assist in the following IT Security areas: security documentation management and program governance, risk management framework and strategy, information security outreach, awareness and training, and IT security certification and accreditation coordination.
• Assist with contingency plan development and evaluation
• Participates in projects requiring additional specialized technical knowledge in information security
• Documents and completes all assign tasks

• Reads and responds to (as appropriate) work-related e-mail
• Attends and participates in team meetings and other scheduled group discussions not associated with a project or other specific initiative
• Provides status reports and perform timekeeping on a weekly basis
• Participates on departmental committees and other administrative duties not specifically described herein
• Reviews and analyzes new technological advances in Information Security products such as software, devices, etc. and recommend acquisition of products based on needs assessments and budgetary constraints.
• Professional development
• Other duties as assigned
• If certification is required for your role, you are expected to obtain and maintain your certification as a condition of your employment

Practices within the Healthcare System's policies and procedures. Adheres to the Intensive Caring Value statements as demonstrated through positive patient/guest relations, positive and effective interactions with staff, and formulating and meeting developmental goals.

• Bachelor’s degree or equivalent cybersecurity related degree or 2 years systems analyst experience
• The ability to demonstrate knowledge of information security best practices
• Knowledge of the risk assessment life cycle and risk management.
• ship or who lives within a one-hour driving distance from Columbus, Ohio
• Good verbal and written communication skills.