Work Shift:

Capital Health is the region's leader in providing progressive, quality patient care with significant investments in our exceptional physicians, nurses and staff, as well as advance technology. Capital Health is a five-time Magnet-Recognized health system for nursing excellence and is comprised of 2 hospitals. Capital Health Medical Group is made up of more than 250 physicians and other providers who offer primary and specialty care, as well as hospital-based services, to patients throughout the region.

Position Overview:

JOB CODE: 13508

FLSA Exemption Status: Exempt

SUMMARY (BASIC PURPOSE OF THE JOB)

Maintain security policies, assess the effectiveness of the security program, perform risk assessments, provide security education, and manage remediation of enterprise information security risks. This includes planning, organizing and coordinating functional development and implementation projects that touch the enterprise. Daily responsibilities include policy development, security awareness training, risk management, internal audit, third party risk management, BCP/DRP, supporting security stack, and security incident response. Conduct security research and threat hunting to proactively protect the enterprise. Provide support to other GRC team members and IT staff.

MINIMUM REQUIREMENTS

Education: Bachelor's degree in a relevant field or equivalent.

Experience: 6+ years of experience in information security or related roles, with a focus on GRC, vulnerability management, security assessments, threat hunting, BCP/DRP, and TPRM. Experience with PAM, IAM, NIST CSF, HIPAA, SOC or other security framework a plus.

Knowledge and Skills: Relevant certifications such as CompTIA Security+, Certified Information Systems Security Professional (CISSP) preferred. Knowledge of desktop support, server, networking and security technologies. Experience with desktops, servers, storage, virtualization, networking and security technologies.

Special Training: Network+, Security+, ISACA CISM, CISA, ISC2 CISSP, or other advanced IT security certifications.

ESSENTIAL FUNCTIONS

Conducts regular vulnerability scans across the organization's infrastructure, applications, and network assets.

Analyzes and prioritizes vulnerability scan results, working with IT teams to implement remediation efforts.

Assists in performing detailed security assessments and reviews of systems, applications, and infrastructure components.

Documents and communicates findings, providing actionable recommendations to enhance security.

Operates and maintains security tools, including intrusion detection systems, endpoint protection, and security information and event management (SIEM) systems.

Monitors security alerts, analyzes incidents, and contributes to incident response activities.

Stays abreast of the latest threat intelligence and security trends.

Utilizes threat intelligence to enhance the organization's ability to detect and respond to emerging threats.

Collaborates closely with the Security Operations team to understand day-to-day operational challenges and contribute to effective solutions.

Participates in incident response activities, ensuring a coordinated and efficient response to security incidents.

Maintains comprehensive documentation of security assessments, vulnerability management activities, and incident response procedures.

Generates regular reports on security metrics, vulnerability status, and incident response performance.

Contributes to the development and delivery of security awareness training for employees.

Fosters a culture of security awareness and best practices within the organization.

Stays informed about industry best practices, emerging threats, and advancements in cybersecurity.

Pursues relevant certifications and training opportunities to enhance expertise.

Assist GRC team member with trouble resolution and knowledgebase development. Provide guidance and training to IT team members and hospital staff.

Review and recommend security tools, appliances, and software for the enterprise. Implement and support security tools, appliances, and software.

Performs other duties as assigned.

PHYSICAL DEMANDS AND WORK ENVIRONMENT

Frequent physical demands include:

Occasional physical demands include: Standing, Walking, Climbing (e.g., stairs or ladders), Carry objects, Push/Pull, Twisting, Bending, Reaching forward, Reaching overhead, Squat/kneel/crawl, Wrist position deviation, Pinching/fine motor activities

Continuous physical demands include: Sitting, Keyboard use/repetitive motion

Lifting Floor to Waist 15 lbs. Lifting Waist Level and Above 10 lbs.

Sensory Requirements include: Accurate Near Vision, Accurate Far Vision, Color Discrimination, Minimal Depth Perception, Accurate Hearing

Anticipated Occupational Exposure Risks Include the following: N/A

Offers are contingent upon successful completion of our onboarding process and pre-employment physical.  Capital Health will require all applicants (including contractors, travelers and consultants) to have an annual flu vaccine prior to start date, with the exception of individuals with medical and religious exemptions.

"Company will never ask candidates for social security numbers or date of birth during application phase. If you are asked for this information online, you may be a target for identity theft."