Cyber Security Administrator

About The Position

Requirements

• Network and system security fundamentals (firewalls, VPN, NAC, IDS/IPS, endpoint protection)
• Active Directory and identity management
• Risk assessment and remediation planning
• Security monitoring and logging tools
• Education: Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline (or equivalent experience).
• Experience: 3–5+ years in information security, systems administration, or equivalent role in IT with exposure to healthcare systems.
• Regular and reliable attendance is an essential function of the job
• Knowledge of IT infrastructure and network management.
• Knowledge of operating systems, word processing, database applications, spreadsheet applications, e-mail applications, and diagnostic utilities.
• Knowledge of troubleshooting and operating computer equipment.
• Knowledge of customer service-related concepts.
• Skill in organizing tasks.
• Skill in using customer service skills when dealing with frustrated employees.
• Skill in masterful problem-solving.
• Ability to be a team player with effective interpersonal skills.
• Ability to solve problems and work independently.

Nice To Haves

• Security Certifications (Preferred): Security+, CISSP, CISM, CEH, or similar.
• Experience supporting Electronic Health Record (EHR/EMR) systems and healthcare network environments (Preferred).
• Familiarity with HIPAA Security Rule controls, NIST Cybersecurity Framework (CSF), or HITRUST (Preferred)

Responsibilities

• Develop, maintain, and enforce cybersecurity policies, procedures, and standards in accordance with HIPAA and industry best practices.
• Coordinate with Privacy and Compliance Officers to align technical controls with regulatory requirements (HIPAA, HITECH).
• Conduct periodic risk assessments and vulnerability scans to identify potential threats and gaps.
• Lead remediation planning with IT and clinical stakeholders to resolve weakness findings.
• Monitor security tools (SIEM, IDS/IPS, endpoint protection) for threats and anomalous activity.
• Investigate and respond to cybersecurity incidents, document findings, and recommend corrective actions.
• Assist in the creation and maintenance of incident response and disaster recovery plans.
• Administer network and system security including firewalls, VPNs, access controls, encryption, multi-factor authentication (MFA), and patch management.
• Collaborate with server, network, and application teams to ensure secure configuration and integration of clinical systems.
• Review and authorize privileged user access, implementing least privilege principles.
• Provide cybersecurity awareness training and guidance to clinic staff.
• Promote security best practices to clinical and administrative personnel to reduce human risk factors.
• Maintain detailed documentation for audits, compliance reviews, and IT governance.
• Prepare security metrics reports for IT leadership and executive stakeholders.