Providence Health & Services Principal Information Security Analyst in Beaverton, Oregon
Providence is calling a Principal Information Security Analyst to Providence St. Joseph Health (PSJH) in Renton WA, Portland OR, Beaverton OR, Torrance CA, Burbank CA, Irvine CA, Anchorage AK or Missoula MT.
We are seeking a Principal Information Security Analyst to be able to translate strategy into tactical plans then achieve its milestones, determining resource needs and coordinating the work of a cross functional team, often in a lead role. They are responsible for overseeing and coordination of all aspects of a significant domain(s) within the information security program ranging from business requirements and detailed planning (schedule, scope, budget) to on-time completion of deliverables to QA criteria and testing and ongoing metrics and reporting. He/She works fairly autonomously to proactively develop enterprise security methodologies and implement enterprise-wide processes that address and show adherence to regulatory requirements, and that reduce risks to the organization while driving efficiencies. They formulate and lead interdisciplinary teams to identify, assess and address security risks. They are recognized both within RIS and by business units as an authoritative subject matter expert for their assigned domains and have a strong understanding of how the security programs support and effect the organization.
In this position you will have the following responsibilities:
Identify, develop, and implement needed enterprise-wide security programs and projects that include budget, resource plans, work-plans, schedules and supporting training and documentation. Readily able to translate strategic direction into a concrete action plan with milestones and success criteria. Works proactively with minimal supervision / provides leadership for cross functional teams.
Plans and leads the work of others. Works proactively with minimal supervision and collaborates across organizational boundaries. Routinely interfaces with business and technology leaders and sponsors to Identify, develop, and implement needed enterprise-wide security programs and projects that include budget, resource plans, work-plans, schedules and supporting training and documentation, Develop business and technical requirements; create use cases, test cases and QA criteria to support project implementation while driving health system objectives relative to standardization, integration, efficiency and regulatory compliance, Manage completion of deliverables of assigned resources in cross-functional project teams, often for concurrent projects. Serve as ISS liaison for new system implementations and enhancement projects, Facilitate /coordinate resources required for system implementations, Drive /coordinate departmental organizational and operational transformation initiatives. Manages initiatives that support the creation and implementation of operational support models, availability models, system portfolios, service delivery playbooks, service dashboards (key performance indicators, key risk indicators) and system inventory financial portfolios. Leads teams to drive ongoing process improvement and optimization of these initiatives, Creates, documents, implements and manages procedures and processes that ensure security control effectiveness and Develops and maintains documentation for all assigned responsibilities.
Drives/coordinates resources assigned to security initiatives in support of Information Services (IS) and other departmental transformation initiatives.
Facilitates/coordinates resources required for system implementations, Manage, coach, mentor, and develop functional team, including identification of training needs and recommending development programs, Recruits, leads, trains and inspires a diverse group of individuals, Translates strategic directions and guidance into tactical plans, processes, and tools to achieve the strategic outcomes and Prioritize work, delegate tasks and effectively address difficult situations.
Drives /coordinates departmental organizational and operational transformation initiatives. Manages initiatives that support the creation and implementation of operational support models, availability models, system portfolios, service delivery playbooks, service dashboards (key performance indicators, key risk indicators) and system inventory financial portfolios. Leads teams to drive ongoing process improvement and optimization of these initiatives. Manages and oversees strategy, planning and delivery.
Drives/coordinates resources assigned to security initiatives in support of Information Services (IS) and other departmental transformation initiatives. Manages and oversees strategy, planning and delivery.
Required qualifications for this position include:
Bachelor’s Degree in Computer Science, Management Information Systems, Information Security, Business Management or a related field Or equivalent educ/experience.
10 years in Information Security.
Demonstrated experience working independently and in collaboration with cross-functional teams. In addition, has demonstrated experience providing in-depth analysis of complex issues which are then presented to cross-functional teams.
Demonstrated experience providing in-depth analysis of complex issues which are then presented to cross-functional teams.
Expert level skill translating operational tasks into standard, repeatable, measurable processes with ongoing improvement targets. Demonstrated experience in service delivery, process definition, and basic system development.
Hands-on experience with security risk management practices as well as knowledge of regulatory and industry compliance requirements such as NIST Framework for Improving Critical Infrastructure Cybersecurity, HIPAA, HITECH, HITRUST, JCAHO, ISO 27001, PCI DSS etc.
Must understand, communicate and enforce PSJH policies and standards.
Design, develop and document risk and/or business functions business continuity plans in a Governance, Risk and Compliance (GRC) tool.
Ability to communicate complex technical concepts in simple but compelling lay terms.
Upon Hire be CERTIFIED INFORMATION SYSTEMS SECURITY PROFESSIONAL
Upon Hire be CERTIFIED INFORMATION SYSTEMS AUDITOR
Preferred qualifications for this position include:
Master’s Degree in Computer Science, Management Information Systems, Information Security, Business Management or a related field.
10 years in Information Security and Healthcare.
Strong day-to-day understanding of information security and risk management. Healthcare industry knowledge
About the department you will serve.
Providence Strategic and Management Services provides a variety of functional and system support services for all eight regions of Providence Health & Services from Alaska to California. We are focused on supporting our Mission by delivering a robust foundation of services and sharing of specialized expertise.
We offer a full comprehensive range of benefits - see our website for details
As people of Providence, we reveal God's love for all, especially the poor and vulnerable, through our compassionate service.
Providence Health & Services is the third largest not-for-profit health system in the United States. Providence employs more than 82,000 caregivers (employees) across a five-state area; AK, WA, MT, OR, and CA. Our facilities include 34 hospitals, 600 physician clinics, senior services, supportive housing and other health and educational services. Providence is proud to be an Equal Opportunity Employer. Providence does not discriminate on the basis of race, color, gender, disability, veteran, military status, religion, age, creed, national origin, sexual identity or expression, sexual orientation, marital status, genetic information, or any other basis prohibited by local, state, or federal law.
Job Category: Information Technology
Other Location(s): California-Torrance, Oregon-Portland, Oregon-Beaverton, Alaska-Anchorage, Montana-Missoula, California-Burbank, California-Irvine
Req ID: 176329