Employment Type : Full-Time
Location: LOC_1300_MKT-Wanamaker Building Req ID: 190853 Shift: Days Employment Status: Regular - Full Time About Us
We’re seeking breakthrough makers! Children’s Hospital of Philadelphia was built on the belief that we can change lives. Today, in every role throughout our hospital, research institute and care network, the 22,000 members of our workforce are finding new ways – big and small – to make a difference for the patients and families we serve. If you are ready to challenge yourself, be inspired and grow – no matter what your role – you just may be the kind of breakthrough maker who will thrive at CHOP. CHOP is proud to share that we are ranked No. 1 on Forbes' 2022 list of America's Best Large Employers! Job Summary
Job Responsibilities An Information Security Specialist III is a senior contributor with similar responsibilities as the Information Security Specialist II, but with a great degree of complexity. An Information Security Specialist III may be involved in some leadership activities. An Information Security Specialist III also:
Job Responsibilities (Continued) This department works 80% remotely and 20% on site in our Philadelphia offices. Required Licenses, Certifications, Registrations Other relevant healthcare IS certs Required Education and Experience
Preferred Education, Experience & Cert/Lic Certified Internal Auditor (CIA), Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT), Certified in Risk and Information Systems Control (CRISC) or other industry related certification Additional Technical Requirements 1. Comprehensive know of information security regulations, standards and leading practices, including understanding of EHR application access controls.
2. Good knowledge of basic database query techniques & data mining to analyze data (e.g., Excel, SQL, Quickbase, Business Objects) or other related database functionality.
3. Knowledge of MS Active Directory, UNIX, and Clinical Applications a plus.
4. Experience implementing application level security in clinical and financial systems (e.g., Epic, Lawson). ERP experience a plus (PeopleSoft, SAP).
5. Understands different firewall architectures (packet filter, application firewalls, application proxy, and VPN) and brands (Checkpoint, Cisco)
6. General understanding of networking and communication techniques including WANs, LANs, Internet, Intranet, protocols, such as TCP/IP and their impact on security.
7. Some knowledge of security applications such as intrusion detection systems and forensics packages (EnCASE), ArcSight, Foundstone
8. Understands differences in perimeter and DMZ architectures & experience with industry standards with system architectures including various UNIX and Microsoft Windows server and desktop platforms.
9. Has experience with application layer formats, usage and characteristics (HTTP, FTP, SSH, DNS, SMTP). Has knowledge of system architecture and design.
10. Microsoft, UNIX, Lawson, and Clinical Applications (e.g., Epic).
11. Experience with industry standard SDLC methodologies; hands-on experience in Project Server methodologies, PMO project management skills, including use of MS productivity tools (Access, Word, PowerPoint, Visio, Project).
12. Experience with risk management frameworks. Information Security Requirements
1. Understand and comply with all enterprise and IS departmental information security policies, procedures and standards.
2. Support the integration of information security in the development, design, and implementation of Hospital Technology Resources that process, transmit, or store CHOP information.
3. Support all compliance activities related to state, federal regulatory requirements, healthcare accreditation standards, and all other applicable regulations that govern the use and disclosure of patient, financial, or other confidential information.
To carry out its mission, it is of critical importance for the Children’s Hospital of Philadelphia (CHOP) to keep our patients, families and workforce safe and healthy and to support the health of our global community. In keeping with this, CHOP has mandated all workforce members on site at any CHOP location for any portion of their time be vaccinated for COVID-19 as a condition of employment. This mandate also applies to workforce members performing work for CHOP at non-CHOP locations. Additionally, all workforce members based in or regularly scheduled to work at any New Jersey location are mandated to be both vaccinated and boosted for COVID-19, with booster timing consistent with applicable guidelines. The CHOP COVID-19 vaccine mandate is in alignment with applicable local, state and federal mandates. CHOP also requires all workforce members who work in patient care buildings or who provide patient care to receive an annual influenza vaccine. Employees may request exemption consideration for CHOP vaccine requirements for valid religious and medical reasons. Please note start dates may be delayed until candidates are fully immunized or valid exemption requests are reviewed. In addition, candidates other than those in positions with regularly scheduled hours in New Jersey, must attest to not using tobacco products.
EEO / VEVRAA Federal Contractor