Purpose & Scope:
Member of a team that manages and monitors the safety of information systems assets and protects systems from intentional or inadvertent access or destruction. Has a specific focus on the Epic system. Coordinates security efforts between Epic application teams. Ensures that authorized users are able to successfully log in to Hyperspace with the appropriate security to complete their job in the system. Responds to, analyzes, and resolves Information Security issues, concerns, questions, incidents and events. Identifies and evaluates risks and threats. Makes resourceful, practical decisions and addresses unexpected problems. Conducts evaluations of current information security posture and recommends approaches to strengthen as appropriate.
Education:
Bachelor's degree in computer engineering, computer science, or information systems management or approved equivalent combination of education and experience. Three years of additional related experience may be substituted in lieu of educational requirement.
Experience:
• Minimum three years of experience in the information technology field, preferably concentrated in information security.
• Experience with and knowledge of UNIX operating systems desired and Microsoft operating systems required; risk and threat assessment process and practices; project planning and management; business continuity planning, documentation and evaluation
• Experience with vulnerability scanning tools (e.g., Qualys, Nessus, Nexpose, Saint)
• Experience with web application vulnerability scanning tools (e.g., IBM AppScan, HP Webinspect, Accunetix, NTO Spider, Burpsuite Pro)
• Experience with static analysis tools (e.g., IBM Appscan Source, HP Fortify)
• Experience with high level programming languages (e.g., Java, C, C++, .NET (C#, VB))
• Experience with web application development (e.g., ASP.NET, ASP, PHP, J2EE, JSP)
• Experience with Epic application security a plus
Certification/Licensure:
None.