Penn State Health Shared Services
Location: US:PA:Hershey
Work Type: Full Time
FTE: 1.0
Shift: Days
Hours: Eight (8) hours
The Office of Cybersecurity and Privacy ensures cybersecurity and privacy risks to the confidentiality, integrity, and availability of Penn State Health (PSH) and College of Medicine (COM) information are identified, assessed, and maintained at acceptable levels. We are looking for people who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, and are passionate about cybersecurity.
**100% REMOTE POSITION**
** WE ARE OPEN TO BOTH INTERMEDIATE AND SENIOR LEVEL APPLICANTS**
JOB SUMMARY:
The Cyber Requirements Planner (Information System Security Officer) is responsible for ensuring operational excellence of cyber security requirements planning activities, including but not limited to:
Working with customers to evaluate functional requirements and translating the functional requirements into technical solutions
Managing the cyber security planning process to ensure that developed solutions meet business needs and cyber security requirements
Applying and incorporating information technologies into proposed solutions
Applying cyber security and privacy principles to organizational requirements (relevant to confidentiality, integrity, authentication, and non-repudiation)
Creating trending, metrics, and management reports
Effectively collaborates and communicates with stake holders and Business units and others to identify, analyze and communicate risk and provide support around DLP management within their business requirements
Understands compliance requirements that may impact security and effectively collaborate with business areas and project teams to develop security solutions that address these requirements
Analyzes and responds to data loss incidents/alerts via enterprise console and other sources
MINIMUM QUALIFICATIONS:
Senior Level Requirements:
Bachelor’s degree in computer science, cybersecurity, information technology (IT) or in a related field and 8 years of experience OR 12 total years of experience and education.
Intermediate Level Requirements:
Bachelor’s degree in computer science, cybersecurity, information technology (IT) or in a related field and 4 years of experience OR 8 total years of experience and education.
PREFERRED QUALIFICATIONS
Demonstrated experience in cyber security, privacy, and/or an information protection-related function
Strong knowledge of cyber security principles, standards, practices, and technologies
Proven experience with assessment of information and information systems based on NIST 800-53 standards and working with asset custodians on remediation plans or exception processes
Extensive technical knowledge of national security practices, procedures, standards, business continuity, disaster recover, auditing, risk management, vulnerability assessments, and regulatory compliance
Strong knowledge of computer networking concepts and protocols, and network security methodologies
Prior experience with Data Loss Prevention (DLP) (Symantec preferred) technology as well as remediation of findings
Knowledge of creating policies, rules, and tuning of DLP tools is a plus
Prior experience working with Merger and Acquisitions to ensure secure integration and handling security assessments, analysis and reporting for executive leadership
Strong knowledge of working with industry and regulatory requirements (i.e., HIPAA, PCI, etc.)
Strong knowledge of controls related to the use, processing, storage, and transmission of data
Excellent analytical and problem-solving skills
Excellent oral and written communication skills
Proven strong background in cyber security and operational processes
Demonstrated strong organizational skills with attention to detail
Proven ability to achieve results in a fast moving, dynamic environment
Ability to develop strong working relationships
Ability to multi-task and meet deadlines
Excellent communication, problem-solving, and decision-making skills
CERTIFICATIONS:
Certified Information Systems Security Professional (CISSP) or equivalent
This job description is a general outline of duties performed and is not to be misconstrued as encompassing all duties performed within the position. All individuals (including current employees) selected for a position will undergo a background check appropriate for the position's responsibilities.
Penn State Health is fundamentally committed to the diversity of our faculty and staff. We believe diversity is unapologetically expressing itself through every person's perspectives and lived experiences. We are an equal opportunity and affirmative action employer. All qualified applicants will receive consideration for employment without regard to age, color, disability, gender identity or expression, marital status, national or ethnic origin, political affiliation, race, religion, sex (including pregnancy), sexual orientation, veteran status, and family medical or genetic information. If you are unable to use our online application process due to an impairment or disability, please call 717-531-8440 between the hours of 8:30 AM and 4:30 PM, Eastern Standard Time, Monday – Friday, email hrsolutions@pennstatehealth.psu.edu or download our Accommodation Instructions for Job Applicants PDF for more detailed steps for assistance.