Position Summary:
Under the leadership of the Director, Information Technology, the Network Security Administrator is an active member of the Information Technology (IT) team that works to determine the strategic vision, goals, philosophy, and direction of the department and CRHS. The Network Security Administrator is responsible for computer account auditing, assists with assessing information risk and facilitates remediation of identified vulnerabilities for IT security and IT risk across the enterprise including network, systems, and applications. Responsible for assisting with IT and HIPAA audits and the creation and maintenance of relevant policies and procedures. This position assures that information created, acquired, or maintained by the healthcare system, and its authorized users, is used in accordance with its intended purpose; to protect information and its infrastructure from external or internal threats; and to assure compliance with statutory and regulatory requirements regarding information access, security, and privacy. The Network Security Administrator is responsible for administration and support of the CRHS data and IP telephony network and related system architecture. The Network Security Administrator is also responsible for the set-up, configuration and implementation of network hardware and software. In addition, the Network Administrator is responsible for completion of routine day-to-day HIS processes, to include monitoring system parameters and network security on a regular basis, installation and configuration of system hardware as required, and providing end-user support as needed.
Basic Qualifications:
Requires an Associate’s degree or equivalent in Computer Science. A Bachelor’s Degree is preferred.
Requires a level of experience normally acquired with a minimum of four to six years of progressively more experience within a healthcare Information Technology environment, or any equivalent combination of education, training, and experience.
- Licensure, Registrations & Certifications:
Requires at least two IT industry recognized technical certifications, such as A , Network , Security , CCNA, or MCSE, CISSP
Essential Job Responsibilities:
- Audits electronic accounts for healthcare workers, validating appropriate security levels are being utilized, and ensuring credentials given to users are in accordance with their clearance levels.
- It leads to the development of information security policies, standards, and practices ensuring systems are securely operated and supports compliance with regulatory requirements.
- Leads the implementation of a variety of hardware and software solutions that ensure data protection.
- Installs and maintains software applications that filter network traffic to avoid unwanted intrusions.
- Coordinates ongoing risk assessment programs targeting information security and privacy matters; Identifies risks by role, software, information type and other categories and defines acceptable mitigation strategies. Documents and communicates policies, queries, vulnerabilities, and current state.
- Escalates security issues with designated leadership, proposes innovative solutions to these issues, establishes updated schedules, and configures automation to make processes faster during deployments.
- Develops and implements security infrastructure.
- Implements processes that deter hackers, spyware, and other malware from being installed on a computer.
- Audits technologies and communications against information security policies and procedures to ensure compliance.
- Performs monthly privacy audits and reports findings to the Privacy Officer.
- Configures, maintains, and monitors company antivirus software and system event alerting, mitigates endpoint infection, and communicates any suspected critical malware or other suspicious events to management and other relevant staff for investigation and remediation.
- Works closely with other IT teams to report suspected security incidents.
- Leads security awareness by providing orientation, phishing campaigns, educational programs, and ongoing communication to the staff.
- Monitors company networks to identify unauthorized use and potential security breaches from both internal and external sources.
- Establishes system controls by developing a framework for controls and levels of access and recommends improvements.
- Recommends methods for vulnerability detection and oversees vulnerability testing and remediation.
- Stays abreast of all pertinent federal, state and facility regulations, laws, and policies as they presently exist and as they change or are modified.
- Performs network administration functions that include set-up and configuration of network software and hardware for switches, routers, firewalls, etc.
- Maintains up-to-date schematic of network infrastructure and recommends changes as needed to improve network performance.
- Monitors the network regularly to ensure network security.
- Serves in on-call rotation for system and network support.
- Maintains a basic working knowledge of the Cerner EMR.
- Maintains a current hardware and software inventory, accurately reflecting existing IT Network infrastructure.
- Obtains vendor quotes for requested hardware, software, and IT-related supplies for the best price and assists in budgeting.
- Provides end-user support for hardware and software as requested and completes end-user work requests in an efficient and timely manner.
- Conducts system and network “in-service” training for hospital staff and physician end-users as needed.
- Coordinates the efforts of vendor contract personnel for hardware and network support as needed on IT projects.
- Works efficiently and effectively toward the successful completion of team goals and objectives.
- Performs other related job duties as assigned.
Standards of Performance:
- Audits electronic accounts for healthcare workers, validating appropriate security levels are being utilized, and ensuring credentials given to users are in accordance with their clearance levels.
- Implements processes that deter hackers, spyware, and other malware from being installed on a computer.
- Leads security awareness by providing orientation, phishing campaigns, educational programs, and ongoing communication to the staff.
- Establishes system controls by developing a framework for controls and levels of access and recommends improvements.
- Recommends methods for vulnerability detection and oversees vulnerability testing and remediation.
- Provides administration and support services for CRHS’s data and IP telephone network and related system architecture.
- Performs the initial set-up and configuration and implementation of network hardware and software.
- Performs routine day-to-day HIS processes that include regular monitoring of system parameters and network security, installation, and configuration of system hardware, and providing end-user support as needed.
- Demonstrates ongoing performance improvements aimed at operational efficiencies, process improvements and financial outcomes.
Maintains up-to-date knowledge of procedures and interpretations of all related federal, state & JCAHO laws and regulations.