In collaboration with infrastructure application teams and external department system administrators, implements and monitors organizational IT security policies and procedures, ensuring technical controls are enforced.
Works with IT department managers and staff to ensure security issues are addressed as new equipment, facilities, systems, and software are installed.
Develops processes for routine and requested internal audits of systems, applications, and data access including tools and techniques used to conduct audits.
Conducts or coordinates audits on predefined schedule and when an audit is requested or indicated as part of an investigation.
Documents audit findings and follows-up on access irregularities.
Follows procedures and industry best practices for reporting and investigating IT related security incidents.
Investigates and documents all reported or suspected security incidents. Maintains documentation of investigations and provides reports to the Chief Information Security Officer.
Recommends implementation of corrective actions needed to mitigate security vulnerabilities.
In coordination with Network/Server and Applications, develops procedures and technical controls to monitor appropriate administrator, end-user, vendor, and remote access to the Denver Health network, and IT systems.
Investigates alerts to ensure that information is not altered or lost during storage, or transmission.
Collaborates with the Project Management Office (PMO) on initiatives involving the IT Security program.
Provide monthly metrics to the CISO and the IT Director of Information Security by the 3 rd business day of each month.
Monitor and respond to help desk tickets within the documented Service Level Agreements (SLA).
Maintain current documentation for all procedures and applications currently in use.
Respond to all on-call notifications within required documented SLA’s.
Responsible for periodically updating management, via written or verbal reports, on all issues, concerns, or problems related to the IT Security program.
Monitors changes to applicable laws, industry standards, and regulatory or accreditation requirements, and incorporates requirements into the organization’s IT Security program.
Plans and organizes time effectively. Integrate priority changes into work plans. Anticipates resource needs and plans accordingly.

Requirements

Bachelor’s degree required or a minimum of 5 years of IT experience required
At least one IT Security certification (i.e. CompTIA Security+) required
Familiarity with regulations and compliance issues, preferably within the healthcare industry
Demonstrated ability to drive multiple requirements across systems, users, and workflows
Demonstrated ability to communicate with technical and non-technical stakeholders across the organization
Working knowledge of IT Security tools and solutions
Demonstrated ability to recognize and respond to alerts or other behaviors to quickly detect and mitigate potential threats
Demonstrated ability to mentor, educate, and train other team members
Familiarity with advanced networking concepts (i.e., TCP/IP)
Strong understanding of Microsoft Windows desktop and server operating systems
Familiarity with Linux operating systems
Advanced knowledge of Web Security Solutions
Advanced knowledge of E-Mail Security Solutions
Advanced knowledge of Security Incident Event Management (SIEM) systems
Advanced knowledge of Vulnerability Management
Advanced knowledge of security architecture including NIST, OWASP, etc.

Benefits

Outstanding benefits including up to 27 paid days off per year
immediate retirement plan employer contribution up to 9.5%
generous medical plans
Free RTD EcoPass (public transportation)
On-site employee fitness center and wellness classes
Childcare discount programs & exclusive perks on large brands, travel, and more
Tuition reimbursement & assistance
Education & development opportunities including career pathways and coaching
Professional clinical advancement program & shared governance
Public Service Loan Forgiveness (PSLF) eligible employer+ free student loan coaching and assistance navigating the PSLF program
National Health Service Corps (NHCS) and Colorado Health Service Corps (CHSC) eligible employer

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard Skills & Tools

IT securityauditingsecurity incident responsevulnerability managementnetwork securityWeb Security SolutionsE-Mail Security SolutionsSecurity Incident Event Management (SIEM)advanced networking conceptsMicrosoft Windows operating systems

Soft Skills

communicationmentoringorganizational skillsproblem-solvingcollaborationtime managementability to drive requirementsability to respond to alertsreportingtraining

Certifications

CompTIA Security+