Information Security Manager jobs in Orlando, FL

All the benefits and perks you need for you and your family:

• Benefits from Day One
• Paid Days Off from Day One
• Student Loan Repayment Program
• Career Development
• Whole Person Wellbeing Resources
• Mental Health Resources and Support

Our promise to you:

Joining AdventHealth is about being part of something bigger. It’s about belonging to a community that believes in the wholeness of each person, and serves to uplift others in body, mind and spirit. AdventHealth is a place where you can thrive professionally, and grow spiritually, by Extending the Healing Ministry of Christ. Where you will be valued for who you are and the unique experiences you bring to our purpose-minded team. All while understanding that together we are even better.

Schedule: Full Time

The role you’ll contribute:

The Intermediate IT Security Analyst will understand design, configuration and implementation of access controls across for all supported AIT enterprise applications and systems to assure availability, confidentiality, and integrity of clinical and business systems. This individual is responsible for understanding and applying technology tools, systems, policies, standards and processes to ensure the protection of Adventist Health System data assets, Protected Health Information (PHI) and all forms of personally identifiable information (PII) in compliance with Federal and State Regulations.

The Intermediate IT Security Analyst will lead by being approachable, collaborative, and providing mentoring to develop skills and knowledge. They will be a visible spokesperson within the organization for application security and controls which will facilitate support of and compliance with application security requirements and will guide and lead access control best practices. They will work independently on projects, lead customer service excellence, and continually improve processes to reduce cost and increase efficiency. This individual will maintain technical expertise and competence in IT Security concepts such as business analysis, information security auditing and reporting, access control governance, project management, and quality assurance

The value you’ll bring to the team:

• Lead small to medium projects under the guidance of senior analysts in design, build and configuration of application security access controls for all enterprise supported Electronic Health Record systems including Epic applications and any supporting third- party integrated applications.
• Lead small to medium projects and mentor Security Associate Analysts in design and architecture of enterprise application control security solutions in coordination with IT, Clinical and Business team members.
• Fundamental knowledge of project management skills for small to medium projects which includes managing, executing, and supporting project phases and tasks as it relates to enterprise application control security through the lifecycle of the project, including gathering functional and technical requirements, constructing project scope, completing and/or coordinating the completion of technical deliverables and milestones, sharing end-user concerns, presenting results to management.
• Develops and maintains collaborative relationships with all stakeholders including application/system owners and vendors; meets with customers and sponsors to capture business & technical requirements, system process documentation, and outlines process steps using appropriate tools.
• Develops and maintains system design documentation and outlines build steps using appropriate tools with direction and assistance from team members, IT Security Senior analyst or the application manager.
• Gathers and analyzes data that will be supportive of all change and implementation activities to improve data integrity and optimization.
• Work directly with the user community, information technology and security teams to support and troubleshoot all clinical and business applications and Electronic Health Record systems, including EPIC applications and integrated EPIC applications with industry standard service management and clinical and business to ensure a secure, positive and consistent user experience.
• Assist in ensuring systems and procedures are in compliance with corporate and industry recognized standards.
• Assist and guide the user community on security processes.
• Research and evaluate new technology to continuously improve processes and the organization's overall security posture.
• Assist in management of access control monitoring and governance to ensure timely and accurate provisioning and deprovisioning of access.
• Participates in IAM Department involvement in Application/System for Access Control reporting to Corporate Responsibility, Information Security, and Audit departments.
• Manage the collection of data and processes for investigations as required by IAM Management.
• Ability to receive calls and text messages 24 hours a day, seven days a week on a rotated basis to provide excellent customer service to our clients.
• Perform other duties that may be assigned by IAM Management.

The expertise and experiences you’ll need to succeed:

• Epic proficiency with honors, certification, accreditation or ability to complete certification within 3 months of completing classes.
• Knowledge of methods of access control to applications/systems, including role-based, rule-based, attribute-based, and management of exceptions.
• Supported multiple security platforms using various user interfaces.
• Basic knowledge of HIPAA, HITECH, PCI and SOX regulations as it pertains to application access controls
• Basic knowledge of security frameworks including HITRUST.
• Aptitude to quickly learn new systems with little or no documentation.
• Strong interpersonal skills with a positive and enthusiastic “can do” attitude.
• Demonstrated creative problem-solving approach and strong analytical skills.
• Comfortable working independently with general direction and in a team setting.
• Works well with people of varying levels of technical abilities.
• Excellent change management, oral and written communication, time management and project management skills.
• Create, maintain and communicate organized documentation.
• Fundamental knowledge of SQL queries.
• Applies best practice techniques in troubleshooting, testing, and quality assurance.
• Ability to travel occasionally as needed to support project implementation and assist with assessment of local workflow processes as needed.
• In order to support and maintain the technology systems and services in our hospitals, must have the ability to receive calls and text messages 24 hours a day, seven days per week.
• Application security training and experience in EPIC, Cerner, Active Directory, Identity Management, another major EHR system, or other major system architecture.
• Advanced knowledge of Microsoft suite of products.
• Knowledge of security requirements specific to Healthcare including HIPAA, HITECH, and SOX.
• Knowledge of security frameworks including HITRUST, ISO, and NIST.
• Working knowledge of healthcare or clinical physician clinical practice.

EDUCATION AND EXPERIENCE REQUIRED:

• Bachelor degree in a related field with 1 year experience OR
• Associate degree in related field required with 2 year experience working in healthcare and/or technical support with experience in rapidly

shifting procedures and processes OR

• 2 years of experience providing customer support in a healthcare or technology-oriented environment is required.
• 2 years of design and configuration experience in Cerner, Epic, Active Directory, Identity Management, another major EMR system, or other major system architecture required.
• Epic Accreditation, Certification or ability to complete within 3 months of completing classes.

EDUCATION AND EXPERIENCE PREFERRED:

• 1 year experience working in healthcare and/or technical support with experience in rapidly shifting procedures and processes.
• 1 Experience with advanced account provisioning (i.e. Active Directory, multiple clinical/financial/business applications) and access request operations tasks experience.

LICENSURE, CERTIFICATION OR REGISTRATION REQUIRED:

• Epic Accreditation, Certification or ability to complete within 3 months of completing classes.

LICENSURE, CERTIFICATION OR REGISTRATION PREFERRED:

• Industry recognized Security certification such as Security , CISA, CISM, or CISSP.