IT Cybersecurity Analyst IV-Patch Management (PM) - Digital Technology Service

Hackensack Meridian Health•Edison, NJ

2d•Remote

About The Position

Our team members are the heart of what makes us better. At Hackensack Meridian Health we help our patients live better, healthier lives — and we help one another to succeed. With a culture rooted in connection and collaboration, our employees are team members. Here, competitive benefits are just the beginning. It’s also about how we support one another and how we show up for our community. Together, we keep getting better - advancing our mission to transform healthcare and serve as a leader of positive change. The Cybersecurity Analyst IV-Patch Management (PM) is responsible for the strategic support, development, and advanced operation of Hackensack Meridian Health's (HMH) enterprise-wide PM program, working in close collaboration with the Manager of Vulnerability (VM) and PM. Leads the timely and effective deployment of security patches and updates across all HMH systems and applications, minimizing vulnerabilities and ensuring system security and stability. Involves significant collaboration with Digital Technology Services (DTS)/Information Technology (IT) teams, VM, system owners, and vendors to support patch compliance and strategic program enhancement, under the Manager's guidance. This is mostly a remote position and you will need to come into the Edison, NJ office 2-4 times a year, unless there is a a reason for the team members to be onsite (DTS event, troubleshooting event/incident, etc.).

Requirements

Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Work experience (4 years) may be substituted.
Minimum of 7-9 (11+ if no degree) years of experience in a cybersecurity-related role/similar IT role, with significant PM experience.
High level of PM methodologies, tools, technologies, operating systems, applications, and change management processes knowledge.
Advanced analytical, problem-solving, and risk assessment skills, with the ability to analyze complex patch data and develop effective deployment strategies.
Excellent communication (written and verbal), presentation, and influencing skills, with the ability to coordinate with various teams and stakeholders, including executive leadership.
Experience with scripting languages (e.g., Python, PowerShell) for automating PM tasks.
Experience with enterprise PM solutions and automation tools (e.g., System Center Configuration Manager [SCCM], Ivanti).
Strong leadership and mentoring skills, with a passion for developing and guiding team members.
Demonstrated commitment to continuous learning and professional development in the PM domain.
Familiarity with cybersecurity governance, risk, and compliance best practices and tools.
Ability to travel to other HMH locations as needed.
Proficient computer skills that may include but are not limited to Microsoft Office and/or Google Suite platforms.
Certified in at least one of the following at hire or must obtain within one (1) year of hire: a. International Information System Security Certification Consortium (ISC2) Certification b. Information Systems Audit and Control Association (ISACA) Certification c. CompTIA Certification d. Global Information Assurance Certification (GIAC) e. Or other related cybersecurity certification

Nice To Haves

Experience in integrating PM with VM and cybersecurity operations.
Knowledge of operating systems and application security hardening techniques.
Experience with cloud security technologies and best practices (e.g., Amazon Web Services [AWS], Azure, Google Cloud Platform [GCP]).
Familiarity and/or experience working in healthcare provider environments.
In-depth knowledge of healthcare-specific regulations and standards (e.g., Health Insurance Portability and Accountability Act [HIPAA]/Health Information Technology for Economic and Clinical Health Act [HITECH]).
Other relevant vendor certifications in PM products.

Responsibilities

Support Manager in developing and maintaining the enterprise-wide PM strategy, aligning program activities with organizational risk tolerance and business requirements.
Lead the evaluation, selection, and implementation of enterprise PM solutions and automation tools, with the approval of the Manager.
Oversee and manage the end-to-end PM lifecycle, including patch testing, deployment, verification, and reporting, ensuring adherence to established processes.
Direct the analysis of patch release notes, cybersecurity advisories, and vulnerability data to assess patch criticality and prioritize deployment, providing detailed analysis and recommendations to the Manager.
Establish and enforce PM Service Level Agreements (SLA), working with DTS/IT teams and system owners to ensure timely patch deployment, and report on SLA compliance to the Manager.
Develop and maintain comprehensive PM policies, standards, and procedures, ensuring alignment with the overall program strategy.
Lead the management of patch exceptions, developing and overseeing the implementation of mitigation strategies for non-compliant systems, and providing regular status updates to the Manager.
Provide advanced guidance and consultation to DTS/IT leadership and other departments on PM best practices and integration with change management, supporting the Manager in driving process improvements.
Monitor and analyze emerging PM trends, technologies, and cybersecurity advisories to proactively adapt the PM program, providing recommendations to the Manager.
Actively guide and mentor peers and junior cybersecurity personnel, providing guidance and fostering their professional growth.
Travel to any HMH location, possibly with minimal notice, to provide immediate on-site support for cybersecurity incidents, urgent investigations, or other critical requests from cybersecurity or hospital leadership.
Other duties and/or projects as assigned.
Adheres to HMH Organizational competencies and standards of behavior.