Responsible for implementation and upgrading or overseeing the implementation and upgrading of Information Security applications and operating systems. (DLP, SIEM, Firewall, IDS/IPS, Web Filtering, .)
Coordinate patch management implementation and coordination of the patch process.
Monitor and tune Security systems to maximize performance, reliability and security.
Responsible for monitoring of SIEM alert creation, tuning, and monitoring
Assists in the testing, selection, placement, implementation, operation and maintenance of various information security technologies.
Assists in the preparation of hospital information systems to resume normal operation after events such as disaster recovery, vandalism, and equipment failure.
Maintains access by providing information, resources, and technical support.
Establishes computer and terminal physical security by developing standards, policies, and procedures; coordinating with facilities security; recommending improvements.
Safeguards computer files by assisting with the development of disaster preparedness and recovery plans; recommending improvements
Develops security awareness by providing orientation, educational programs, and on-going communication.
Provides end-user security awareness training (GEO, department meetings, etc.)
Under the direction of the ISO and Information Security Manager, maintains and updates the security documents (policies, standards, baselines, guidelines and procedures)
Assists with security incident handling, audits, and investigations
Assists with security assessment and risk analysis sessions
Provides secure data transfer solutions, including but not limited to secure FTP, encrypted USB devices, and encrypted email
Maintains documentation, including, but not limited to: server hardware, server operating system, security application configurations, event alerts, incident tracking, vulnerability assessment reports, and penetration reports.
Assists with the development of Information Security education training for continuing education and orientation programs to all employees and staff members.
Creates and maintains policies, procedures and standards for Information Security.