hero

Find your next cybersecurity opportunity

236
companies
248
Jobs

CYBER SECURITY ADMINISTRATOR

South Shore Health

South Shore Health

Weymouth, MA, USA
Posted on Feb 2, 2024

If you are an existing employee of South Shore Health then please apply through the internal career site.

Requisition Number:

R-15300

Facility:

LOC0014 - 549 Columbian Street549 Columbian Street
Weymouth, MA 02190


Department Name:

SHS Cyber Security

Status:

Full time

Budgeted Hours:

40

Shift:

Day (United States of America)The Cyber Security Administrator is responsible for the ongoing support of information security policies, procedures, and technical systems in order to maintain the confidentiality, integrity, and availability of information. The individual is responsible for implementing, supporting, and enforcing information security directives as mandated by the South Shore Health System’s Information Security framework. The individual manages daily security operations, changes, and configuration management in support of information technology security initiatives; conduct technical evaluations, and make recommendations to the Information Technology group. All duties to be performed in a manner that promotes a team concept and is consistent with the culture and mission of the Health System.

ESSENTIAL FUNCTIONS

Essential functions are those tasks, duties and responsibilities that comprise the means of accomplishing the job's purpose and objectives. Essential functions are critical or fundamental to the performance of the job. They are the major functions that the person in the job is held accountable for. Following are the essential functions of the job.


* Use this to denote if a function does not provide opportunity to perform beyond "Meets Expectations."


1. Perform and/or support information security risk assessments and audits to ensure that information systems are adequately protected and meet the Health Systems’ security framework and standards.

2. Provide coordination and support for Information Security technology and programs.

3. Support upgrades and enhancements to Information Security systems and tools

4. Administration of information security controls and tools, e.g., access controls, endpoint detection and response (EDR), data loss prevention, e-mail security, encryption, patching, vulnerability, web application gateways, perimeter firewalls and security log management and monitoring tools, used in governance, risk management, and compliance of protected data.

5. Collaborate on information security related incidents and resolution with technical staff and provide security expertise/knowledge to cross functional information management teams.


6. Conducts audits of the security levels, security practices and provides updated status reports.

7. Responsible for oversight of patch management program.

8. Mitigate security event alerts and vulnerabilities through security incident event management (SIEM) tools or other external sources.

9. Develop and maintain technical documentation used for information security operations procedures, which outline decision support (e.g., security control administration, best practices, events of interest and incident handling, and escalation).

10. Identifies attacks to the Health System network and systems and escalates security issues to facilitate prompt remediation.


11. Identifies, tracks, and monitors information security threats to support service continuity and security management.

12. Keep current with security threats, new privacy and security legislation, and security technologies.

13. Facilitate Change Management meetings.

14. Administrator Phishing Simulation testing and Cyber Security training.

15. Prepare audit documentation.


16. Perform other duties as assigned.



ESSENTIAL FUNCTIONS (Cont.)

I. Technology and Learning
a. Participates in continued learning and possess a willingness and ability to learn and utilize new technology and procedures that continue to develop in their role and throughout the organization.


b. Embraces technological advances that allow us to communicate information effectively and efficiently based on role.

UNIT / DEPARTMENT SPECIFIC JOB FUNCTIONS

Unit Specific functions are those tasks, duties and responsibilities that are specific to the performance of the job within a certain unit(s). Following are unit specific functions of the job, along with the corresponding performance standards.

1. · Personal transportation for local travel between SSHS sites.

2. · Participate in emergency and on-call coverage as assigned.

SKIILLS REQUIRED

  • Comprehensive working knowledge of Microsoft Windows Desktop and Server operating systems, Active Directory, Azure Active Directory, Firewall Administration tools, OSI Model, LAN/WAN/VPN skills.
  • CompTIA Security+, Microsoft Security Operations Analyst (SC-200), or other related/equivalent certifications preferred.
  • Working knowledge of email security controls like DMARC, DKIM, and SPF preferred.
  • Familiarity with cybersecurity frameworks (MITRE ATT&CK, HITRUST, NIST Cybersecurity, ISO preferred.

Hybrid, Mon-Fri 8am-5pm

Responsibilities if Required:

Education if Required:

License/Registration/Certification Requirements: