Mitigates risk of the Health System's vulnerability to Cybersecurity attacks through the engineering/installation/management of a Security Information Event Management (SIEM) system. Participates in the implementation of the organization's strategic goals for information security. Participates in developing security standards/best practices for the organization. Recommends enhancements, as needed. Contributes to the development of strategies to respond to/recover from a security breach. Develops security awareness by providing orientation, educational programs, and on-going communication. Identifies/Installs/Manages applications necessary to protect sensitive information as needed or identified by the CISO. Assists computer users with installation/management of new security products/procedures. Identifies any weaknesses in the information security architecture which could be used to compromise information systems. Monitors systems/network for security breaches/intrusions using the SIEM system. In the event of a breach, participates in incident response activities to minimize the impact; assists with the technical/forensic investigation into how the breach occurred/extent of the damage. Reports findings to the CISO. Education Bachelors Degree : in Computer or Information Sciences (Required) Combination of relevant education and experience may be considered in lieu of degree. Experience 3 Years experience in a system administration role supporting multiple platforms and applications. (Required) 3 Years experience with risk assessment tools, technologies, and methods (Required) General Experience with communicating network security issues to peers and management (Required) Previous Experience with planning, researching and developing security policies, standards and procedures (Required) Previous Experience with several technical security disciplines such as System Information Event Management systems (SIEM), vulnerability management or security hardening (Required) License/Certifications CISSP - Cert Info Sys Security Prof (Preferred) GCIH - GIAC Cert Incident Handler (Preferred) GPEN - GIAC Penetration Tester (Preferred) GCFE - GIAC Cert Forensic Examiner (Preferred) _ '260269