Cedars-Sinai Information Security Specialist in Los Angeles, California
Information Security Specialist Requisition # E10082
Come join us and find out why Cedars-Sinai has been ranked as one of the top 100 best places to work in IT as ranked by 2017 Computerworld Magazine.
Responsible for supporting the creation and implementation of security architectures and secure application designs for information systems. This includes: assisting application developers and support teams with secure application design, planning and integration; conducting security architecture reviews, provides secure application and infrastructure solutions, end-to-end; designing and implementing mechanisms and programs that restrict access of malicious intent and other unauthorized users; introducing new security methods and technologies for integration with existing technical architectures, frameworks, implementation planning, documentation of best practices, and templates; assessing security threats and risks, recommend and assist in the delivery of solutions to mitigate risks; educating project stakeholders in the need for and the use of security technology; participating in the creation and administration of data security policies, procedures, and standards; and participating in access audits and conducting computing forensics.
- Participate in the creation and maintenance of data and network security policies and procedures
- Provide system assurance and security oversight in EIS change control process; review and evaluate risks of submitted changes and impact to the security of CSMC network and systems.
- Review logs from intrusion detection and monitoring systems, conduct correlation analysis, and take action accordingly
- Facilitate external third party assurance reviews to assess networks (internal, external, wireless, etc.)
- Perform technical security reviews of CSHS information systems on as needed basis
- Work with technical teams to facilitate and promote security incident response procedures and address monitoring concerns and identification of criteria for audit reporting.
- Maintain security expertise and knowledge of current threat trends
- Conduct on-demand forensics analysis and review of compromised systems and/or systems used in potential unsecure and un-trusted manner.
- Evaluate new security products, devices, and/or methodologies to facilitate determination of compatibility for use within CSMC technical security architecture.
- Conduct periodic review and scanning of DMZ assets, critical servers, and internal, external and wireless networks.
- Develop security metrics and reporting on security monitoring efforts
- Leverage security monitoring tools to evaluate and improve the security of organization systems and network.
- Maintain and support the security tools suite to ensure logged data fidelity and integrity.
- Performs other duties as requested.
• As required
Education Certifications/Licensure Experience Physical Abilities Educational requirements and/or preferences:
• Bachelor’s degree in Computer Science/related discipline or the equivalent in education and work experience.
• Minimum of 3 years experience as a security specialist with knowledge in solution design, deployment, and operations in desktop, server, network and server technologies.
• Security certifications from SANS or equivalent (GIAC, GSEC, SSCP; CISSP) is required (may be allowed to be obtained within first 6 months).
• Demonstrated understanding of computer/network security, operating systems, such as UNIX/LINUX, Windows and NT, LAN/WAN networking protocols such as TCP/IP, routing, firewalls, IDS/IPS, PKI and encryption.
• Practical understanding of current information security concepts, methods, best practices and technologies as applied to the enterprise environment, specifically including:
o Information Classification,
o Network security protocols, methods and technologies,
o Application and Web Layer Security (Web 2.0, Secure Messaging, Secure Protocols),
o Continuity of operations planning and disaster recovery strategies and architectures, and
o Identity Access Management and Access Control.
• Knowledge of, and experience with regulatory and compliance information security frameworks, standards and best practices (NIST, ITIL, HIPAA, PCI-DSS, ISO 27000 series, etc.).
• Proficient with office automation, project management and communication tools
• Ability to work with system engineers to standardize departmental based information systems security.
• Able to collaborate with colleagues and share information, resources and ideas.
- Working Title: Information Security Specialist
- Business Entity: CSMC - Cedars-Sinai Medical Center
- Cost Center # - Cost Center Name: 0848072 - Information Security
- City: Los Angeles
- Job Category: Information Technology/Telecom
- Job Specialty: Technology Architecture
- Position Type: Regular-F/T
- Shift Length: 8hr
- Hours: 8am - 5pm
- Days: Monday - Friday
- Shift Type: Day
- Weekends: As Needed
Cedars-Sinai is an EEO employer. Cedars-Sinai does not unlawfully discriminate on the basis of the race, religion, color, national origin, citizenship, ancestry, physical or mental disability, legally protected medical condition (cancer-related or genetic characteristics or any genetic information), marital status, sex, gender, sexual orientation, gender identity, gender expression, pregnancy, age (40 or older), military and/or veteran status or any other basis protected by federal or state law. If you need a reasonable accommodation for any part of the employment process, please contact us by email at Applicant_Accommodation@cshs.org and let us know the nature of your request and your contact information. Requests for accommodation will be considered on a case-by-case basis. Please note that only inquiries concerning a request for reasonable accommodation will be responded to from this email address.
Cedars-Sinai will consider for employment qualified applicants with criminal histories, in accordance with the Los Angeles Fair Chance Initiative for Hiring.
At Cedars-Sinai, we are dedicated to the safety, health and wellbeing of our patients and employees. This includes protecting our patients from communicable diseases, such as influenza (flu). For this reason, we require that all new employees receive a flu vaccine based on the seasonal availability of flu vaccine (typically during September through March each year) as a condition of employment, and annually thereafter as a condition of continued employment.