Information Security Analyst

Information Security Analyst 3.3 3.3 out of 5 stars

DESCRIPTION OF POSITION

The Information Security Analyst plays a key role in supporting and enhancing Morris Hospital & Healthcare Center's (MHHC) Information Security Compliance Program. Working closely with the Manager of Information Security and Access Control, this role is responsible for conducting security compliance reviews across business, clinical, and infrastructure environments, as well as performing security risk assessments for both internal and external information assets. The analyst also contributes to MHHC's incident response and digital forensics efforts, helping ensure the confidentiality, integrity, and availability of enterprise information resources. This position provides actionable recommendations that balance cybersecurity risks with business objectives, enabling the organization to operate securely and effectively. Additionally, the analyst helps strengthen MHHC's overall security posture to support evolving business and clinical needs.

QUALIFICATIONS

Professional/Educational With Bachelor's Degree:

3-5+ years of experience in computing and information security, including experience with Internet technology security issues.

With Associate's Degree:

5-7+ years of experience in computing and information security, including experience with Internet technology security issues.

With High School Diploma:

7-10+ years of experience in computing and information security, including experience with Internet technology security issues. Experience should include demonstrated proficiency in: Security policy and framework development (NIST

CSF, CIS

Controls, etc.) Security Awareness program support and education Network and application vulnerability assessments Penetration testing and remediation Risk analysis, regulatory audit readiness, and compliance testing Incident response and digital forensics processes Strong proven experience with security technologies including but not limited to: IPS, SIEM, Web and Email Gateways, DLP solutions, Firewalls (network and application), EDR/MDR platforms, MDM, forensic toolkits, vulnerability scanning tools and log analysis platforms. Background supporting or operating within 24/7 enterprise or mission critical environments. Healthcare cybersecurity experience strongly preferred, including familiarity with: Health Insurance Portability and Accountability Act security rule and

HITECH PHI

protection requirements EHR systems, clinical workflows, and medical device security OCR audit expectations and healthier care threat vectors (e.g. ransomware, downtime procedures) Formal information security certifications preferred (i.e. CISSP, Security+, CISM, OSCP, etc.). Willingness to pursue cybersecurity certification within two years of hiring. Solid project management skills and substantial exposure to project-based work structures, project lifecycle models, etc. Strong leadership, communication, and collaboration skills with the ability to influence organizational culture, guide technical stakeholders, and drive security improvement initiatives independently. Personal Works effectively with others, possessing tact, discretion and diplomacy. Exhibits a positive, service-oriented attitude. Organized and able to handle multiple priorities. Possesses ability to work under pressure. Demonstrates leadership and teaching ability. Excellent oral and written communication skills and attention to detail. Actual pay will be determined by qualifications, experience, and internal equity. Morris Hospital & Healthcare Centers offers a comprehensive benefit package including: Medical, dental, vision plans Paid time off Retirement plan, including immediate 100% vesting Life insurance Disability coverage Nurse residency program Wellness program Health club / gym membership reimbursement Reward & Recognition programs

Tuition Reimbursement Employee Assistance Program Morris Hospital Employee Benefits Location:

Morris Hospital •

MH INFORM TECH SRVS

Schedule:

FT, Days, Day Shift