"Alerted.org

Salary Range $45,000.00 - $45,000.00 Salary/year

Position Type Full Time

Education Level 2 Year Degree

Category Information Technology

Description

Position Summary: The Information Security Specialist is a core member of the Information Security Department (InfoSec) within WestCare’s Information Services Division (iServ). This position collaboratively designs, implements, operates, and continuously improves technical and administrative security controls to protect the confidentiality, integrity, and availability of WestCare’s information assets. The role requires professional judgment, technical analysis, and proactive ownership of security outcomes, including after-hours incident monitoring through a rotating on-call schedule.

Essential Job Functions:

+ Works with the Director of Information Security and Chief Information Officer (CIO) to build a team-oriented environment that promotes dependability and fairness and rewards collaboration, information sharing, tolerance, and open-mindedness.

+ Ensures that WestCare’s information security program complies with relevant laws/regulations (HIPPA, 42 CFR Part 2, Red Flags Rule, various state data protection laws, etc.), accreditation standards (The Joint Commission and CARF) and internal policies and standards.

+ Adheres to all WestCare’s policies, plans, standards, and procedures and helps enforce those related to information security, vendor risk management, business continuity, and record retention and management.

+ Performs the following primary responsibilities under the oversight of the Director of Information Security:

+ Manages, monitors, and enhances the controls for a strategic, comprehensive information security program.

+ Evaluates staff submissions of suspicious emails, determines containment or escalation steps, and communicates outcomes and lessons learned.

+ Designs and delivers phishing simulations, awareness surveys, and role-based security training, using results to drive measurable improvement in organizational security posture.

+ Develops, updates, distributes, and presents security awareness materials and communications tailored to technical and non-technical audiences.

+ Performs information security facility reviews and track issues until resolved.

+ Mentors and trains members of the Security Champions program.

+ Develops, updates, distributes, and presents security training and awareness materials.

+ Supports the primary responsibilities of Information Security Analysts when needed, including:

+ Monitoring various information security systems, including those for asset inventory, data loss prevention, endpoint protection, security incident & event management, and vulnerability management.

+ Analyzing data from various information security systems and reports findings when appropriate.

+ Performing forensics investigations and associated tracking related to information security concerns and incidents. When necessary, assisting with the implementation of relevant incident response plans and emergency procedures.

+ Performing access control reviews, configuration management reviews, security risk assessments, and vulnerability assessments.

+ Monitoring threat intelligence and other industry information sources. Alerting the IT Department and/or management when necessary and appropriate.

+ Remains knowledgeable of trends and developments in information security through ongoing training and professional development.

+ Acts as a WestCare representative and liaison with external partners/collaborators.

+ Embraces/embodies the mission, vision, guiding principles, and goals of WestCare.

+ Performs other relevant duties as assigned.

Qualifications

Essential Qualifications:

+ Must be honest and ethical, verifiable through character references.

+ Must have the demonstrated ability to exercise good judgment and discretion.

+ Must have adequate verbal and written communication skills, including effectively explaining complex technical concepts and issues to non-technical and business audiences.

+ Must have demonstrated proficiency with applicable technologies, including operating systems, network infrastructure, security monitoring tools, and Microsoft Office applications.

+ Must learn quickly in a highly technical and continually changing environment.

+ Must be able to balance the needs of many concurrent projects and work effectively with cross-functional teams.

+ Must be able to respond as needed to crisis or emergency situations efficiently and effectively.

+ Must have the ability to work independently as well as collaboratively with others in a manner that is pleasant and professional.

+ Must be willing to seek out opportunities and contribute ideas and efforts toward constantly improving WestCare services and processes.

+ Must have a professional appearance and demeanor.

+ Must have a valid driver’s license, a clean motor vehicle record, and carry applicable insurance as required by state law.

+ Must have the willingness to travel to other WestCare facilities when necessary.

+ Must have the willingness to be cross trained in other functions of the Information Technology department, including, but not limited to, help desk, field support, and application support.

Education:

+ Associate degree or equivalent certification and experience, preferably in information technology, information security, or a related field.

+ A minimum of one year of relevant experience, preferably in the healthcare sector.

+ The willingness to pursue relevant IT and security-related training and certifications.

Working Conditions:

+ Work is performed primarily in a professional office or program setting.

+ A minimum of 40 hours per week is expected, but significantly more hours may be required from time to time. Completion of job duties may require working before and after normal working hours. Regular attendance is required. Being able to work as many hours as is necessary to complete job tasks is a required and essential duty of this position.

Essential Physical and Mental Demands of the Job: The employee must be able to perform the following essential duties and activities with or without accommodation:

Physical Demands:

+ Requires mobility and physical activity: Having an adequate range of body motion and mobility to work in an office, including standing and walking (even and uneven surfaces), sitting for extended periods of time, bending, twisting, reaching, balancing, occasional lifting and carrying of up to 30 pounds. Use of computer and telephone systems is required which includes coordination of eye and hand, and fine manipulation by the hands (typing, writing, and working with files).

+ Requires talking: Expressing or exchanging ideas by means of the spoken word. Talking is required to impart oral information to employees, clients, patients, and the public, and in those activities in which the employee is required to convey detailed or important spoken instructions to others accurately, loudly, or quickly.

+ Requires hearing: Hearing is required to receive and communicate detailed information through oral communication.

+ Requires seeing: Clarity of vision at 20 inches or less and at a distance. This factor is required to conduct computer operations or complete paperwork for many essential job functions.

+ The normal work routine involves no exposure to human blood, body fluids, or tissues. However, if exposure or potential exposure is possible, appropriate personal protective equipment is readily available to every employee.

Mental Demands:

+ Requires the ability to collect and analyze complex numerical and written data and verbal information to reach logical conclusions.

+ Requires the ability to work and cooperate with clients, co-workers, managers, the public, and employees at all levels to exchange ideas, information, instructions, and opinions.

+ Requires the ability to work under stress and in emotionally charged settings.