Information Security Analyst II

About The Position

Requirements

• Bachelor's degree OR equivalent combination of education and experience
• 2+ years of work experience in a related job discipline

Nice To Haves

• Experience supporting cybersecurity operations within a healthcare, hospital, or highly regulated environment.
• Experience with security incident response, threat detection, and vulnerability management processes.
• Experience working with enterprise security tools such as SIEM, endpoint protection, vulnerability scanning, identity and access management, or email security platforms.
• Experience with CrowdStrike Falcon or comparable endpoint detection and response (EDR) platforms.
• Familiarity with cybersecurity frameworks and standards such as NIST, HIPAA, CIS Controls, or HITRUST.
• Experience supporting cloud security initiatives in Microsoft Azure, AWS, or hybrid environments.
• Experience reviewing and analyzing system logs, alerts, and security events to identify potential threats or vulnerabilities.
• Experience with Active Directory, multi-factor authentication, privileged access management, or identity governance solutions.
• Knowledge of networking concepts, firewalls, VPN technologies, and secure system configurations.
• Experience participating in security audits, risk assessments, or compliance initiatives.
• Experience utilizing scripting or automation tools such as PowerShell, Python, or Bash to improve operational efficiency.
• Strong written and verbal communication skills with the ability to explain technical concepts to non-technical audiences.
• Demonstrated ability to work collaboratively across technical, operational, and clinical teams.
• Relevant industry certifications preferred, such as Security+, CISSP, GSEC, CEH, GIAC, SC-900, AZ-500, or similar cybersecurity certifications.
• Experience supporting on-call rotations and responding to critical security incidents in a fast-paced environment.
• Experience with change management, documentation standards, and secure system implementation practices.

Responsibilities

• Participate in the design, development, and implementation of systems to protect CCHMC data.
• Identify the appropriate resources needed to complete small projects.
• Support the communication between internal and external parties on project related issues and developments.
• Participate in developing and managing project plans.
• Determine the scope and complexity of small to midsized projects.
• Work with cross functional teams.
• Understand incident response processes and procedures and assist in mitigating incidents when they occur.
• Analyze, design, implement, and maintain moderately complex systems that greatly improves clinical care and patient management.
• Support system testing.
• Document testing outcomes.
• Work to develop technical solutions.
• Work to design, write, and prepare complete user and technical documentation.
• Analyze existing documentation and provide corrections and enhancement.
• Utilizes Development lifecycle process, operating procedures and documentation to implement and support system solutions.
• Provide technical support and problem resolution assistance for production and process issues.
• Troubleshoot and decipher error messages.
• Identify required resources to resolve minor to midsized issues.
• Utilizes appropriate Change Control methods to implement system solutions.
• Serve as a resource person for and as a liaison between Cincinnati Children's departments and Information Services.
• Support departmental efforts to improve customer satisfaction.
• Evaluate and monitor system performance and functionality to avoid potential issues as well as gathering information for future development needs or feasibility studies.
• Participate in on-call support rotation and handle incident resolution, problem determination and resolution during that time.
• Ensure outstanding end-user support is provided, including ongoing monitoring of Service Level Agreements for incident management and collaboration with other areas to ensure customer-centered incident management and support.
• Adhere to and promote continual adoption of change management policies and procedures.
• Model outstanding customer service behavior, including timely and effective follow-up with customers.
• Develop knowledge and professional skills through cross-training, literature and attendance at department meetings and vendor education.
• Develop and maintain positive relationships, both internal and external to CCHMC.
• Motivate people and encourage teamwork.
• Work well with others and fosters a positive team environment.
• Prepare oral and written presentations.
• Conduct and participate in instructional seminars.
• Develop expertise in several Cincinnati Children's computer-based systems.
• Perform other duties as assigned.

Benefits

• Comprehensive job description provided upon request.