Keck Medicine of USC
Keck Medicine of USC includes the Keck School of Medicine of USC, the region’s first medical school; the renowned USC Norris Comprehensive Cancer Center, one of the first comprehensive cancer centers established by the National Institutes of Health (NIH) in the United States; the USC Care Medical Group, a medical faculty practice; the Keck Medical Center of USC, which includes two acute care hospitals: 401-licensed bed Keck Hospital of USC and 60-licensed bed USC Norris Cancer Hospital; and USC Verdugo Hills Hospital, a 158-licensed bed community hospital. It also includes more than 40 outpatient facilities, some at affiliated hospitals, in Los Angeles, Orange, Kern, Tulare and Ventura counties.
In 2016, U.S. News & World Report ranked Keck Medical Center of USC among the Top 10 hospitals in the state and among the Top 50 hospitals in the United States in seven specialties: ophthalmology, urology, cancer, geriatrics, orthopedic surgery, nephrology and cardiology and heart surgery.
Senior Security Engineer - Information Security - Full Time 8 Hour DaysApply IS Security Los Angeles, California
Provide Keck Medicine of USC operational, administrative and project support for the Information Security department whose purpose is to ensure the integrity of Information Systems Assets and to protect systems from unauthorized access or destruction. This role includes, but is not limited to: network security, systems security, IS policy, security solutions, incident response, monitoring, reporting, and general Information Technology concepts. Provide escalation support to Principal or Executive Leadership for most complex issues.
The Security Engineer Senior will design and lead projects in the implementation and support of a highly secure information systems environment. This includes technical solutions as well as policy, standards, and guidelines. Work closely with all IS teams to implement solutions that are robust and achieve the desired outcomes.
Responsibilites for this position include, Design, implement and monitor security measures for the protection of computer systems, networks and organizational data; Design and implement cyber security processes including but not limited to Incident Response and remediation; Carry out security measures to protect an organization’s computer networks and systems: Monitor, Detect, Respond, Mitigate, Report, Recover, Remediate, and Lessons Learned; Identify and define system security requirements; Serve as the escalation point for junior members of the InfoSec team; both day to day coaching and when complex incidents arise. Responsibilities will continually expand as the number and type of cyberattacks increase and change.
• A Bachelor’s degree in Computer Science or a related field.
• Security application/systems experience required
• Implementation experience required; previous system implementations from start to finish
• PCI and HIPAA compliance experience required
• Or the equivalent combination of experience and education that would demonstrate the capability to successfully perform the essential functions of this position.
• NIST (or other security standards) experience preferred
• One (or more) of the following security certifications: ISC2 certificates, GIAC certificates, CISM/A, CEH, etc.
• Security control concepts: physical, logical, administrative.
• Seven (7) years’ experience in Information Security
• Healthcare experience a plus
Knowledge, Skills, and Abilities:
• Proven work experience as a system security engineer or information security engineer
• Experience in designing, implementing and maintaining security systems
• Hands on experience in security systems including: intrusion detection systems, anti-virus software, authentication systems, log management, content filtering, etc.
• Experience with network security and networking technologies
• Experience with security systems and tools
• Understanding of the latest security principles, techniques, and protocols
• Performs/follows all procedures to ensure the safety of Information Systems assets and to protect systems from intentional or inadvertent access or destruction.
• Design, develop and implement IT security standards and procedures.
• Knowledge and understanding of IT industry trends and emerging technologies and an ability to relate them to the organization and its objectives.
• Knowledge of information security industry and regulatory obligations (PCI DSS, SOX, HIPAA, NIST Framework 800 series, etc.)
• Experience providing guidance to junior team members; procedures, processes, investigations, remediation, etc.
• Problem solving skills and ability to work under pressure
• Good communication (oral and written) and interpersonal skills; must be able to report to Executive Management in a clear and concise way
• Able to solve a range of problems in stessful situations
• Able to analyze possible solutions and assess each using standard procedures
• Able to effectively explain information and influence others in straightforward situations
• Able to make appropriate decisions within guidelines and policies
• Able to effectively prioritize own work to meet changing deadlines
• Provide after-hours and weekend on-call support for service-related issues.
REQ20052611 Posted Date: 11/02/2017 Apply