Information Security Analyst II
- Employer
- Duke University
- Location
- Durham
View more
- Administrative Jobs
- Institutional & Business Affairs, Safety & Security, Technology, Analysts & Programming
- Employment Type
- Full Time
- Institution Type
- Four-Year Institution
Job Details
110679BR
Duke Entity
HEALTH SYSTEM
Job Code
3843 DHTS INFORMATION SECURITY ANALYST
Job Description
The Information Security Analyst Level 2 provides support for a variety of operational and consultative functions as part of the Duke Medicine Information Security Office (ISO). The Information Security Analyst Technical Lead helps design, implement, manage, and monitor security controls to protect the confidentiality, integrity, availability of the organization’s information assets in accordance with legal, regulatory, and institutional requirements. The Information Security Analyst Level 2 also acts as a subject matter expert in relevant domains of knowledge and will work in collaboration with IT, clinical, research, and management staff. The position provides expertise in defining requirements; developing and designing secure architectures; developing secure processes and standards; and selecting enterprise-wide security products, tools, technologies, and services. The Information Security Analyst Technical Lead works with all functional areas within IT to design and support secure technologies that meet the business needs of Duke Health.
Duties and Responsibilities
This position may include the following duties and responsibilities:Develop an understanding of key Duke Health technology and systems.Perform security pre-purchase evaluation of vendors in accordance with ISO procedures, and develop security requirements for the purchase of vendor solutions.Work with customers, Engineering, vendors, Compliance and other Duke Health staff to track and help remediate control deficiencies.Work with customer to implement DHTS security processes into customer workflows.Test application and system security controls, and providing development teams and/or vendors with remediation recommendations.Working in conjunction with cross-functional teams, develop and manage plans to attain and maintain compliance with HIPAA regulatory requirements.Conduct risk assessments and vulnerability scan to identify security risks and report on findings to system owners and management.Review existing security plans with system, application, and data owners/managers to ensure that controls are properly implemented, and to proactively identify any gaps that may result in non-compliance with regulatory or Duke Health requirements.Respond to relevant service requests received from end users.Provide reports and presentations on the status of security controls and industry trends to management and technical staff.Develop and deliver security training and security-related newsletter content for the organization’s staff.Participate in campus-wide information security events and programs to ensure alignment and knowledge sharing between departments.Participate in other activities necessary to support the information security program.
Required Qualifications at this Level
Education: Bachelor’s degree in a related clinical or technical field, or four years of equivalent technical experience required.
Experience: Minimum of ten years of general IT industry experience is required, of which at least five years should have been in an information security operations, engineering, or related role.
Degrees, Licensure, and/or Certification: Certified Information Systems Security Professional (CISSP) is strongly preferred. Candidate must pass the CISSP exam within two years of hire date.
The ideal candidate will hold additional technical or management certifications (e.g. HCISPP, CISM, CISA, CEH, GIAC, MCSE, CCNP, VMWare Certified Professional, CCIE, or PMP).
Knowledge, Skills, and Abilities: The Information Security Analyst 2 role requires multi-faceted information security and IT professional with a variety of knowledge, skills, and abilities. The successful candidate will possess experience one or more of the following areas: Data Loss Prevention (DLP) systemsEncryption technologies and standardsEndpoint technologies and standardsEndpoint security softwareIdentity and Access Management (IAM) solutions, including industry standards such as OAuth, OpenID, SAML, Shibboleth, etc.Network and/or application penetration testingNetwork security (e.g. firewalls, IDS/IPS, NAC, VPN, software-defined networking)Virtualization and container technologies (e.g. VMware, Docker)Server operating systemsVulnerability scanning tools and management practicesMust have a working knowledge of the HIPAA Security Rule, FISMA, or the NIST Cybersecurity Framework.The ideal candidate will have demonstrated the following characteristics through past professional and educational experiences:A broad understanding of multiple IT disciplines and technologiesStrong focus on customer satisfactionStrong written and oral communication skillsStrong critical thinking, analytical, and problem-solving skillsAble to troubleshoot problems in complex technical environmentsAble to work independently or as part of a team as necessaryAble to effectively prioritize tasks with competing deadlinesSelf-starter who is able to effectively use professional judgment and work with minimal directionExcellent interpersonal skills with a demonstrated ability to build relationships with colleagues, customers, vendors, and other third parties
#Dukejobs
Location
Durham
Requisition Number
401565896
Position Title
Information Security Analyst II
Shift
First/Day
Job Family Level
CD
Full Time / Part Time
FULL TIME
Regular / Temporary
Regular
Department Name
DHTS - INFORMATION SECURITY ADMIN
Minimum Qualifications
Duke University is an Affirmative Action/Equal Opportunity Employer committed to providing employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or veteran status.
Duke aspires to create a community built on collaboration, innovation, creativity, and belonging. Our collective success depends on the robust exchange of ideas—an exchange that is best when the rich diversity of our perspectives, backgrounds, and experiences flourishes. To achieve this exchange, it is essential that all members of the community feel secure and welcome, that the contributions of all individuals are respected, and that all voices are heard. All members of our community have a responsibility to uphold these values.
Essential Physical Job Functions: Certain jobs at Duke University and Duke University Health System may include essential job functions that require specific physical and/or mental abilities. Additional information and provision for requests for reasonable accommodation will be provided by each hiring department. Employment opportunity without regard to an individual's age, color, disability, gender, gender expression, gender identity, genetic information, national origin, race, religion, sex, sexual orientation, or veteran status.
Education
Level 2 - Bachelor's degree in a related clinical or technical fields, or four years of equivalent technical experience required.
Level 2 requires: One or more information security industry certifications (e.g. CISSP, CISM, CISA, CEH, or equivalent) are preferred. Additional technical or management certifications (e.g. MCSE, CCNP,CCIE, or PMP) are preferred. Level 2, requires: One or more information security industry certifications (e.g. CISSP, CISM, CISA, CEH, or equivalent) are required.
Experience
Level 2 - Two years of related experience is required.
Degrees, Licensures, Certifications
N/A
Organization
History
Duke University was created in 1924 by James Buchanan Duke as a memorial to his father, Washington Duke. The Dukes, a Durham family that built a worldwide financial empire in the manufacture of tobacco products and developed electricity production in the Carolinas, long had been interested in Trinity College. Trinity traced its roots to 1838 in nearby Randolph County when local Methodist and Quaker communities opened Union Institute. The school, then named Trinity College, moved to Durham in 1892, where Benjamin Newton Duke served as a primary benefactor and link with the Duke family until his death in 1929. In December 1924, the provisions of indenture by Benjamin’s brother, James B. Duke, created the family philanthropic foundation, The Duke Endowment, which provided for the expansion of Trinity College into Duke University.
As a result of the Duke gift, Trinity underwent both physical and academic expansion. The original Durham campus became known as East Campus when it was rebuilt in stately Georgian architecture. West Campus, Gothic in style and dominated by the soaring 210-foot tower of Duke Chapel, opened in 1930. East Campus served as home of the Woman's College of Duke University until 1972, when the men's and women's undergraduate colleges merged. Both men and women undergraduates now enroll in either the Trinity College of Arts & Sciences or the Pratt School of Engineering. In 1995, East Campus became the home for all first-year students.
Duke maintains a historic affiliation with the United Methodist Church.
Home of the Blue Devils, Duke University has about 13,000 undergraduate and graduate students and a world-class faculty helping to expand the frontiers of knowledge. The university has a strong commitment to applying knowledge in service to society, both near its North Carolina campus and around the world.
Mission Statement
"James B. Duke's founding Indenture of Duke University directed the members of the University to 'provide real leadership in the educational world' by choosing individuals of 'outstanding character, ability, and vision' to serve as its officers, trustees and faculty; by carefully selecting students of 'character, determination and application;' and by pursuing those areas of teaching and scholarship that would 'most help to develop our resources, increase our wisdom, and promote human happiness.'
“To these ends, the mission of Duke University is to provide a superior liberal education to undergraduate students, attending not only to their intellectual growth but also to their development as adults committed to high ethical standards and full participation as leaders in their communities; to prepare future members of the learned professions for lives of skilled and ethical service by providing excellent graduate and professional education; to advance the frontiers of knowledge and contribute boldly to the international community of scholarship; to promote an intellectual environment built on a commitment to free and open inquiry; to help those who suffer, cure disease, and promote health, through sophisticated medical research and thoughtful patient care; to provide wide ranging educational opportunities, on and beyond our campuses, for traditional students, active professionals and life-long learners using the power of information technologies; and to promote a deep appreciation for the range of human difference and potential, a sense of the obligations and rewards of citizenship, and a commitment to learning, freedom and truth.
“By pursuing these objectives with vision and integrity, Duke University seeks to engage the mind, elevate the spirit, and stimulate the best effort of all who are associated with the University; to contribute in diverse ways to the local community, the state, the nation and the world; and to attain and maintain a place of real leadership in all that we do.”
Get job alerts
Create a job alert and receive personalized job recommendations straight to your inbox.
Create alert