Health care is constantly changing, and at Banner Health, we are at the front of that change. We are leading health care to make the experience the best it can be. We want to change the lives of those in our care - and the people who choose to take on this challenge. If changing health care for the better sounds like something you want to be part of, we want to hear from you.
The Cybersecurity Team is responsible for the overall security of the Banner Health network, through proactive and reactive measures. The team develops, configures, implements, tunes, maintains solutions, resolves technical and business issues related to cybersecurity threat & vulnerability management, identity management, security operations center, forensics, and data protection. An integral part of this focus is the scanning of devices to identify vulnerabilities ahead of attackers.
In the role as Vulnerability Management Analyst you will responsible for performing detailed vulnerability assessments on new and current systems within the environment. Additionally, you will also be responsible for evaluating security alerts from internal/external sources and performing scans to determine Banner's exposure to new threats. The candidate will be responsible for tracking and coordinating remediation on items with the application owners using established processes and escalating issues as appropriate.
Your pay and benefits (Total Rewards) are important components of your Journey at Banner Health. Banner Health offers a variety of benefit plans to help you and your family. We provide health and financial security options, so you can focus on being the best at what you do and enjoying your life.
Within Banner Health Corporate, you will have the opportunity to apply your unique experience and expertise in support of a nationally-recognized healthcare leader. We offer stimulating and rewarding careers in a wide array of disciplines. Whether your background is in Human Resources, Finance, Information Technology, Legal, Managed Care Programs or Public Relations, you'll find many options for contributing to our award-winning patient care.
POSITION SUMMARY This position is responsible for the development, implementation, and management of multiple concurrent interrelated information security architectures and technology. Facilitates security risk management initiatives by fostering collaboration with senior management from various departments, serving as the subject matter expert for determination of the company's direction for identifying and mitigating information security risks. Serves as the subject matter expert for ensuring implemented security solutions are effectively providing data for analytical purposes; analytics are producing reasonable and actionable reports; and security incidents are managed in accordance with company policy and meeting regulatory requirements.
CORE FUNCTIONS 1. Proactively initiates security reviews, evaluations, and risk assessments, leading the development and implementation of appropriate recommendations.
2. Leads and conducts multiple, complex and inter-dependent risk analyses of company's information security architecture, focusing on threats and vulnerabilities affecting company's hardware and software components, with the objective of proactively mitigating threats throughout our infrastructure.
3. Authors new and revised policies and procedures. Explains and presents policies to senior management.
4. Serves as the subject matter expert for providing technical expertise and support for security software. Responsible for mentoring junior members of the team and may supervise the work of the department in the absence of immediate supervisor.
5. Serves as subject matter expert for guidance, direction, and oversight for company's compliance with all federal, state, and local mandated information security laws, rules, and guidelines. Remain current with the latest industry technical information. This includes providing oversight for highly complex, sensitive security projects for the organization.
6. Serves a project manager or project leader for information security projects, including the development of project scope requirements, budgeting, and project planning.
7. Manages and oversees the processes and outcomes for multiple interrelated security incidents, recoveries, breaches, intrusions, and system abuses. Ensures security incidents are resolved timely and appropriately.
8. Under general direction, this position is responsible for information security across multiple departments system-wide and requires interaction at all levels of staff and management.
Must possess strong knowledge of business, information security and/or computer science as normally obtained through the completion of a bachelor's degree.
Certified Information System Security Professional(CISSP) or Certified Information Systems Auditor (CISA) required within one year of entering the position.
Must also possess 6 years experience in a healthcare or related environment or an equivalent combination of relevant education, technical, business and healthcare experience.
Requires independent judgment, critical decision making, excellent analytical skills, with excellent verbal and written communications. Ability to think quickly under difficult or complex conditions and clearly communicate to appropriate staff; ability to balance project workloads with customer support and on-call demands. Must demonstrate general knowledge of information technology and information security principles and practices. Must have experience in project planning and reporting either individually or in a team. Requires communication and presentation skills to engage technical and non-technical audiences. Requires ability to communicate, and interact across facilities and at various levels. Incumbent will have skills to mentor less experienced team members. As is typical in this industry, variable shifts and hours and carrying/responding to a pager may be required.
Additional related education and/or experience preferred.
DATE APPROVED 08/19/2012
Internal Number: R1181
About Banner Health
You want to change the health care industry – one life at a time. You belong here. You’re excited to be part of the dramatic changes happening in the health care field. In fact, you thrive on change. But you also understand that excellent, compassionate patient care is the true measure of the success of these changes. You belong at Banner Health. Our award-winning, comprehensive health system includes 23 hospitals in seven western states, primary care health centers, research centers, labs, a network of physician practices and much more. Throughout our system, skilled, compassionate professionals use the latest technology to change the way care is provided. If you’re looking to be a key contributor to a forward-looking organization, you’ll experience a wide variety of professional advantages: •Our vision for changing the future of health care gives you the opportunity to leverage your abilities to achieve something historic. •Our expansive system offers you an unmatched variety of clinical settings – from large urban trauma center to small rural hospital, ambulatory to home health. Our system also includes hospitals specializing in cancer, heart health and pediatrics. •Our many loc...ations also translate into a broad selection of exciting and rewarding lifestyle options – from the big city to the wide-open spaces. •Our commitment to healthcare innovation means you always have the latest technologies at your fingertips to help you provide the finest care possible. •The size, success and growth of our system provide you with the stability and options to pursue your desired career path. •Our competitive compensation and comprehensive benefits offer you options to complement your unique needs.