Senior Security Analyst

Health Quest is the largest family of nonprofit hospitals and healthcare providers in the Hudson Valley. Our three award-winning hospitals — Northern Dutchess Hospital, Putnam Hospital Center and Vassar Brothers Medical Center — have deep roots in their respective communities and work together to provide quality care for our patients.

Health Quest is really about providing a continuum of care — care that is accessible, care that allows people in our community to stay close to home for all the healthcare services they need. It's about fostering a continuity of care that inspires confidence. This is reinforced by the unilateral commitment Health Quest has from our Board of Directors, healthcare providers, employees, volunteers and community members all working together to live up to the expectations and trust our communities place in us.

The Sr. IT Security Analyst is responsible for setting up, monitor and managing the IT Security applications. Responsibilities will also include identifying and remediating potential security breaches, threats and vulnerabilities concerns with the Chief Information Security Officer (CISO) in a timely fashion. As a member of the HQIT security team this person would assist in IT system policy enforcement and be adaptable and work with multiple departments (HR, Compliance, Finance, Privacy, Clinical, Legal, etc.) in assisting them IT security Risks and its mitigation

Additionally, be a key member in the developing the IT Security Risk Assessments and Management with risk classifications, ratings and mitigation strategies of IT issues and concerns along with working with others in the IT organizations and the whole HQ. Be an advocate of IT Security and HIPAA Security compliance for the whole system. The Sr. IT Security Analyst will be accountable for:

• Assess the utilization and enforcement of system security policies and procedures, based on industry-standard best practices.
• Recommend and deploy additional security products and tools, or enhancements to existing tools, to detect violations of systems and network security measures.
• Assess whether the appropriate patches, hot fixes, and service packs are installed on company-owned or licensed software are properly installed and in a timely manner.
• Oversee penetration testing of all systems in order to identify system vulnerabilities.
• Propagate security awareness among employees.
• Assist in executing investigations into suspected information security policy violations.
• Participate with On-Call responsibilities when system security issues arise.

• Strong knowledge of System Security Essentials, Intrusion detection, Forensics, Security policy.
• General knowledge of network and IS security components, including firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.
• General knowledge of IP, TCP/IP, and other network administration protocols, including their vulnerabilities and solutions.
• Familiarity with IT Security frameworks, such as COBIT, NIST and ISO 27000.
• Intuition and keen instincts to pre-empt attacks, threats and vulnerability exposures.
• Working technical knowledge of current systems software, operating systems, and PC protocols and standards, including Microsoft Windows and Office.
• High level of analytical and problem-solving abilities.