DurhamRecruiter Since 2001
the smart solution for Durham jobs

DHTS Information Security Analyst

Company: Duke University
Location: Durham
Posted on: October 12, 2019

Job Description:

DHTS Information Security Analyst Req ID: 2471 Date: Oct 8, 2019 Location: Durham, NC, US, 27710 Personnel Area: HEALTH SYSTEM DHTS: Duke Health Technology Solutions is a robust, specialized division of Duke University Health System dedicated to the development and management of enterprise IT systems. A 2018 'Most Wired' health system, Duke is nationally recognized for IT and information management as the first healthcare system to achieve the Davies Award - highest honor by the Healthcare Information and Management Systems Society (HIMSS) - for inpatient, ambulatory and analytics health information technology capabilities. Our employees are among the top-skilled IT experts in the Triangle and partner with leading scholars, clinicians and researchers across Duke University and Duke Health to develop innovative technologies that support our mission of delivering tomorrow's healthcare today. DHTS INFORMATION SECURITY ANALYST Job Title: DHTS INFORMATION SECURITY ANALYST Job Code: 3843 FLSA: E Job Level: CD Revised Date: 03/01/2017 Job Family: JF 08 Occupational Summary The Information Security Analyst provides support for a variety of operational and consultative functions as part of a Duke IT Security Office. The Information Security Analyst helps design, implement, manage, and monitor technical, administrative, and physical controls to protect the confidentiality, integrity, and availability of the organization???s information assets. The Information Security Analyst will carry out these responsibilities in collaboration with IT, clinical, research, and management staff from across Duke. Work Performed LEVEL 1: * Analyze findings from security monitoring systems, including Data Loss Prevention and Security Information Event Management consoles, to identify and respond to potential security incidents and data breaches. * Participate in incident response activities. * Conduct vulnerability scans and penetration tests to identify security risks and report on findings to system owners. * As part of performing incident response and vulnerability assessment activities, use professional judgment and institutional knowledge to assess risk levels, conduct forensic investigations, isolate malware, identify attack vectors, provide guidance on remediation planning, and prioritize remediation efforts. * Respond to relevant service requests received from end-users (e.g. for investigation of security events, reviewing changes requests for firewall rules or VPN configurations, or addressing user access requests). * Assist in delivering security awareness training for the organization's staff. * Help provide reports and presentations on the status of security controls to management and technical staff. * Participate in campus-wide information security events and programs to ensure alignment and knowledge sharing between departments. * 24x7 on-call support rotation may be required. * Performs other related duties incidental to the work described herein. LEVEL 2: * In addition to the duties described for Level 1, Level 2 will: * Lead or participate in incident response activities. * Collaborate with system, application, and data owners/custodians to conduct threat modeling exercises, risk assessments, and workshops to analyze business, legal, and regulatory requirements. * Using output from risk assessments and requirements analysis, assist system, application, and data owners/custodians with selecting security controls and documenting system security plans. * Review existing security plans with system, application, and data owners/custodians to ensure that controls are properly implemented, and to proactively identify any gaps that may result in audit findings. * Assist system, application, and data owners/custodians with selecting and documenting controls to address security-related audit findings. * Develop and deliver security awareness training for the organization's staff. * Provide reports and presentations on the status of security controls to management and technical staff. Required Qualifications at this Level Education/Training Level 1, and 2 - Bachelor's degree in a related clinical or technical field, or four years of equivalent technical experience required. LICENSURE/CERTIFICATION: LEVEL 1: N/A LEVEL 2: * In addition to the requirements described for Level 1, Level 2 requires: * One or more information security industry certifications (e.g. CISSP, CISM, CISA, CEH, or equivalent) are preferred. * Additional technical or management certifications (e.g. MCSE, CCNP, CCIE, or PMP) are preferred. Experience Level 1 - No experience required beyond the minimum education (or equivalency) requirement. Level 2 - Two years of related experience is required. Skills LEVEL 1: * Must have a working knowledge of at least one of the following information security practices, standards, and systems: * - Data Loss Prevention (DLP) systems * - Encryption technologies and standards * - Endpoint security software * - Governance, Risk, and Compliance (GRC) systems * - Firewalls * - Forensic investigation practices * - Identity and Access Management (IAM) * - Incident response practices * - Intrusion Detection and Prevention Systems (IDS/IPS) * - Network and/or application penetration testing * - Risk assessment practices * - Security Information Event Management (SIEM) systems * - Virtual Private Network (VPN) systems * - Vulnerability management practices * - Vulnerability scanning tools * Must have a working knowledge of at least one of the following regulatory compliance requirements and IT management frameworks: * - COBIT * - FISMA * - HIPAA Security and/or Privacy Rules * - HITECH and Meaningful Use * - HITRUST Common Security Framework (CSF) * - ISO 27000-series standards * - ITIL * - NIST information security standards * - PCI DSS * - ITIL * The ideal candidate will have demonstrated the following characteristics through past professional and educational experiences: * - A broad understanding of multiple IT disciplines and technologies * - Strong focus on customer satisfaction * - Strong written and oral communication skills * - Strong critical thinking, analytical, and problem solving skills * - Able to troubleshoot problems in complex technical environments * - Able to work independently or as part of a team as necessary * - Able to effectively prioritize tasks with competing deadlines * - Able to maintain a positive attitude in challenging circumstances LEVEL 2: * In addition to the KSAs described for Level 1, Level 2 will demonstrate: * Must have working or expert knowledge of at least three of the information security practices, standards, and systems described above. * Must have working or expert knowledge of at least two of the regulatory compliance requirements and IT management frameworks described above. * In addition to those described above, the ideal candidate will have demonstrated the following characteristics through past professional and educational experiences: * Self-starter who is able to work with minimal direction * Able to work effectively across multiple technical disciplines * Strong interpersonal skills and the ability to build relationships with colleagues, customers, vendors, and other third parties * The intent of this job description is to provide a representative and level of the types of duties and responsibilities that will be required of positions given this title and shall not be construed as a declaration of the total of the specific duties and responsibilities of any particular position. Employees may be directed to perform job-related tasks other than those specifically presented in this description. Duke University is an Affirmative Action/Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or veteran status. Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas-an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it is essential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values. Essential Physical Job Functions Certain jobs at Duke University and Duke University Health System may include essential job functions that require specific physical and/or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department. Duke University is an Affirmative Action/Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or veteran status. Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas - an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it is essential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values. Essential Physical Job Functions: Certain jobs at Duke University and Duke University Health System may include essential job functions that require specific physical and/or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department. Nearest Major Market: Durham Nearest Secondary Market: Raleigh

Keywords: Duke University, Durham , DHTS Information Security Analyst, Professions , Durham, North Carolina

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Other Professions Jobs


CDL Class A OTR Company Driver - Dry Van
Description: br br CDL Class A OTR Company Driver - Dry Van br Qualified candidates, call 877 590-7801 or click APPLY BELOW br PAY: ul li Get paid weekly li Paid orientation li 78 of the line (more...)
Company: Meadow Lark Transport
Location: Raleigh
Posted on: 10/17/2019

CDL-A Dedicated Dry Van Drivers - Up to $0.56 CPM (Raleigh,NC)
Description: Looking for Consistent Home Time and Great Pay RT T is looking for a Quality Driver to fill a Dedicated LaneWe are currently accepting applications for Owner Operators, Company Drivers, and Drivers wanting (more...)
Company: RT&T Enterprises
Location: Raleigh
Posted on: 10/17/2019

Hiring Owner Operator CDL A Truck Drivers - Flatbed - Apply Today
Description: Tired of slow work Plenty of Freight at Daily Express Daily Express, one of the country's foremost heavy haul specialized trucking companies, is looking
Company: Daily Express
Location: Raleigh
Posted on: 10/17/2019


Regional CDL A Company Drivers
Description: Call our Recruitment Team Today 844-281-5133 br br Regional CDL A Drivers, Earn up to 80k/yr br Drivers Earn Up to 80K per year, with quarterly safety bonuses and benefits effective day 1 br (more...)
Company: Dollar General
Location: Raleigh
Posted on: 10/17/2019

WiFi Installation Support Technician
Description: JOB SUMMARY br Wifi Technical Support Technician is a senior level technical position within the company. Receives ticket escalations from members of the Customer Service team and from the Field Technicians (more...)
Company: Spectrum
Location: Durham
Posted on: 10/17/2019

Truck Driver - CDL
Description: br br Company Overview HD Supply NASDAQ:HDS www.hdsupply.com is one of the largest industrial distributors in North America. The company provides a broad range of products and value-add services (more...)
Company: HD Supply
Location: Raleigh
Posted on: 10/17/2019

Over The Road Truck Driver
Description: J.B. Hunt is now hiring CDL-A truck drivers into our Dedicated fleet Service a single customer and enjoy consistent time off, -5 days off after -25 days out.
Company: JB Hunt
Location: Durham
Posted on: 10/17/2019

Regional CDL-A Company Driver - Up to $0.62 CPM (Raleigh,NC)
Description: Looking for Consistent Home Time and Great Pay br RT T is looking for a Quality Driver to fill a Dedicated Lane br We are currently accepting applications for Owner Operators, Company Drivers, and (more...)
Company: RT&T Enterprises
Location: Raleigh
Posted on: 10/17/2019

CDL A Driver - Southeast Regional - 1+ yrs OTR EXP Required
Description: Opportunities Available for COMPANY DRIVERS Benefits ul li Home Time: Weekly or Biweekly li .43 - .45 CPM LOADED EMPTY li Paid Orientation
Company: Smith Transport
Location: Raleigh
Posted on: 10/17/2019

Truck Driver
Description: br br Praxair, Inc. is a leading industrial gas company in North and South America and one of the largest worldwide . Praxair produces, sells and distributes atmospheric, process and specialty gases (more...)
Company: Praxair
Location: Raleigh
Posted on: 10/17/2019

Log In or Create An Account

Get the latest North Carolina jobs by following @recnetNC on Twitter!

Durham RSS job feeds