Job Information

AdventHealth IT Security Analyst - Associate in Altamonte Springs, Florida

Description

All the benefits and perks you need for you and your family:

  • Benefits from Day One

  • Paid Days Off from Day One

  • Student Loan Repayment Program

  • Career Development

  • Whole Person Wellbeing Resources

  • Mental Health Resources and Support

Our promise to you:

Joining AdventHealth is about being part of something bigger. It’s about belonging to a community that believes in the wholeness of each person, and serves to uplift others in body, mind and spirit. AdventHealth is a place where you can thrive professionally, and grow spiritually, by Extending the Healing Ministry of Christ. Where you will be valued for who you are and the unique experiences you bring to our purpose-minded team. All while understanding that together we are even better.

Schedule: Full Time

The role you’ll contribute:

Analyst IT (Team Name) Associate, under the general direction of (Dept Team Supervisor and/or Manager), performs responsibilities of design, configuration, implementation, operations and monitoring of access control processes across all targeted clinical and business systems to ensure the protection of Adventist Health System data assets, protected health information (PHI) and all forms of personal identifiable information (PII). Responsible for the secure operation, reliability and integrity of centralized access control administration across multiple application platforms. Demonstrates technical proficiency and is knowledgeable in the area of access control processes, standards, guidelines, security policies and procedures. Participates in access control projects, provides customer service and end-user support, including understanding and articulating customer needs using independent judgement. Maintains competence in IT Security concepts; business analysis; procedures; information systems auditing and reporting; project management and quality assurance processes. Facilitates discussions, which may involve conflict, while maintaining composure. Actively participates in outstanding customer service and accepts responsibility in maintaining relationships that are equally respectful to all.

The value you’ll bring to the team:

Leadership and Mentoring – 5%

  • Mentors clinical and business stakeholders on corporate security policies and standards and state and federal regulations. Ensures the user community understands and adheres to necessary procedures to follow security best practices.

  • Creates and conducts basic training plans for internal and external stakeholders.

  • Continually analyzes processes to recommend improvements for increasing efficiency, quality, and compliance.

  • Responsible for representing the IAM department in various meeting formats (i.e. webex, conference calls, and face-to-face).

Change and Project Management – 10-30%

  • Designs, implements, validates and communicates changes with simple to moderate complexity with clinical, business, and information technology application/system owners, vendors and stakeholders according to ITSM processes, procedure and service level agreements.

  • Develops and maintains system design documentation and outlines build steps using appropriate tools.

  • Leads simple to moderately complex projects, including formal project methodologies and development or changes to project scopes, schedules and resources.

  • Communicates project status and progress to project stakeholders, project managers and supervisor in an accurate and timely manner.

  • Completes projects on time within approved project scope and timeline.

  • Performs post project implementation self-review (lessons learned) and identifies areas for improvement.

Service Delivery and Operational Support – 25-35%

  • Provides operational support for application security requests, incidents, and problems; accurately and efficiently resolving for customers according to ITSM and department processes, procedures and service level and operating level agreements.

  • Uses independent judgement to evaluate an adequate priority is applied to requests or incidents based on impact to patient safety or revenue. Analyst uses data collection methods, analysis, experience and judgment for this evaluation. This includes identification of major incidents and participation in resolution.

  • Participates in on-call rotation for afterhours support and makes self-available to peers to provide needed assistance even if not on-call. In order to support and maintain the technology systems and services in our hospitals, AIT employees must have the ability to receive calls and text messages 24 hours a day, seven days per week.

  • Ensures that interface and follow up with client is completed in a timely, courteous and professional manner at all times. Responsive to client needs and works with client in a collaborative, service and solutions oriented manner.

  • Responsible for formally reporting any known or suspected security incidents that may adversely breach compliance with AHS security policies or standards, with recommendations for alternative solutions.

  • Provides support for solution implementation, activation, upgrades and post-live support.

Access Fulfillment and Governance – 25-35%

  • Implements standardized processes and procedures for requesting, approving and providing access to and removal from targeted AIT enterprise applications.

  • Provisions access using automated and manual processes with accuracy and efficiency.

  • Uses independent judgement to ensure access requests are compliant with AIT and AHS Corporate policies, standard and access models. Manages requests for access to insure appropriate approvals and least privilege access, balancing business and security requirements. This include access which can be provisioned to personnel who share facility, department, job code, and/or personnel attributes (i.e. supervisor level, employee type). This also includes access which must be provisioned specific to the individual personnel, which may require additional training and approvals.

  • Responsible for proactively analyzing and fulfilling access mapping, exception changes, and/or access provisioning as needed based on reports of personnel future dated hires, changes and terminations with Human Resources, Medical Staff Services, or other business stakeholders. Coordinates communication needed to align IAM Department actions and prevent access issues to end users.

  • Analyzes planned facilities or department service additions or changes to ensure provisioned access continuity and role based access control compliance.

  • Recommends improvements to employee and non-employee onboarding and off boarding processes, in compliance with AIT and AHS Corporate security policies and standards.

Monitoring and Reporting – 10-15%

  • Participates in Application and Meaningful Use Risk Assessments, representing IAM Department for Access Control.

  • Monitors automated and manual access control reports, investigating and remediating any discrepancies.

  • Reports and coordinates data collection for security incident investigations.

Qualifications

The expertise and experiences you’ll need to succeed:

KNOWLEDGE AND SKILLS REQUIRED:

  • Knowledge of methods of access control to applications/systems, including role-based, rule-based, attribute-based, and management of exceptions.

  • Supported at least one or more security platforms using various user interfaces.

  • Aptitude to quickly learn new systems with little or no documentation. Continuous learning of new systems, business processes and concepts.

  • Proficient in Microsoft operating system and Office suite.

  • Strong interpersonal skills with a positive and enthusiastic “can do” attitude.

  • Comfortable working independently with general direction.

  • Works well with people of varying levels of technical abilities.

  • Strong change management, oral and written communication, and time management skills.

  • Create, maintain and communicate organized documentation.

  • Ability to utilize industry support tools to support security design, development, auditing, reporting and support processes. (i.e. CCL, Crystal Reports, SQL, etc.)

  • Applies best practice techniques in troubleshooting, testing, and quality assurance.

  • Ability to travel occasionally as needed to support project implementation and assist with assessment of local workflow processes as needed.

KNOWLEDGE AND SKILLS PREFERRED:

  • Application security training in team specific software such as an (Electronic Medical Record) EMR solution (i.e. Cerner), Enterprise Resource Planning (ERP) solution (i.e. PeopleSoft), or major system architecture.

  • Fundamental knowledge of programming and query languages.

  • Security requirements specific to Healthcare including HIPAA and HITECH and associated Risk Assessments.

  • Security frameworks including HITRUST, ISO, NIST, or COBIT.

  • Healthcare clinical or business knowledge such as inpatient or physician practice, human resources, finance and/or supply chain.

  • Knowledge of project management methodology. This will include all aspects such as stakeholder meetings, meeting minutes, business analysis, project planning, training, and implementation.

EDUCATION AND EXPERIENCE REQUIRED:

  • Associate’s degree in related field required with 1+ year experience working in healthcare and/or technical support with experience in rapidly shifting procedures and processes; or a High School Diploma with a minimum of 2 years’ experience in Information Technology.

EDUCATION AND EXPERIENCE PREFERRED:

  • Bachelor’s degree in a related field.

  • 1+ years of design and configuration experience in Microsoft Active Directory, an EMR solution (i.e. Cerner), an ERP solution (i.e. PeopleSoft), or major system architecture.

  • 1+ experience with account provisioning (i.e. Microsoft Active Directory, multiple clinical/financial/business applications) and access request operations tasks experience.

This facility is an equal opportunity employer and complies with federal, state and local anti-discrimination laws, regulations and ordinances.

Category: Information Systems

Organization: AdventHealth Information Technology

Schedule: 1 - Day

Shift: AdventHealth Information Tech

Req ID: 22024630

We are an equal opportunity employer and do not tolerate discrimination based on race, color, creed, religion, national origin, sex, marital status, age or disability/handicap with respect to recruitment, selection, placement, promotion, wages, benefits and other terms and conditions of employment.