LOCATION:ITS Building, SW-ITS-Tech Operations
CITY: Greensboro, NC
Exempt: Yes | FTE: 1.0 (40 hours/week) | Schedule: Monday - Friday 8:30 am -5:00 pm | On Call: YES
Under immediate supervision, this positionassists in the execution and enforcement of Information Security relatedpolicies, standards, and procedures adopted by Cone Health. Assists with thedesign, programming, configuration, testing, and documentation of programs andapplications used by Cone Health to further Information Security and AccessManagement goals. May customize purchased applications and assist inmaintaining program libraries and technical manuals. Staffed by beginners whohave had sufficient educational background and/or experience to qualify them tostart in a information security and access management role.
The essential job functions
and primary workactivities
are as follows:
- Primary responsibility of this position is "External Data Access Request (EDAR)" Administrator.
- In the Fall of 2016, Cone Health implemented a new protocol for more stringent control of access by external parties to confidential information, and/or sharing of such information with external parties. This position administers a process initiated in situations where a request is made for granting access to Cone Health's Electronic Medical Record (EMR), or for sharing of data extracted from the EMR or other systems.
- EDAR is intended to ensure that there is leadership awareness and acceptance of all such access or sharing instances, through review and approval by a governing committee.
- Responsible for coordinating an annual Meaningful Use (MU) Risk Assessment, using a Risk Assessment tool; including documenting quarterly meetings, compiling the findings (medium and high risks) of the assessments, and tracking remediations of the identified.
- Prepare for and coordinate the IT General Controls portion of annual financial audit.
- Administer new HITRUST Assessment Xchange Vendor Management solution.
- Assist with ongoing HITRUST certification efforts.
- Provide support of operational ticket work for the Identity & Access Management (IAM) team.
Bachelor's degree with 3 years' experience inrelevant field, or
Associate's degree with 8 years' experience inrelevant field, or
High school diploma with 13 years' experiencein relevant field.
Bachelor's degree in computer science,programming, analytics or other technical field.
3 years experience in information systems orbusiness-related internships or employment experiences required
Prior professionalexperience in the field of Information Security preferred.
Prior Governance/Risk/Compliance(GRC) experience preferred.
Priorproject management experience preferred.
Priorhealthcare information experience preferred.
Prior work experience with the following information systems technologieshighly desirable:
• Desktop applications (MS-Word,MS-Excel, MS-Powerpoint, etc.)
• Databases (MS-Access, MS SQL,Oracle, etc.)
• Operating Systems (Windows,Linux, AIX).
Valid Driver's License | ValidDriver's License
Preferred: CISA, CISM, or other GRCcertification
Optional: Security+, GSEC, CompTIA
CISSP certification or equivalent(or eligibility for certification) within two years of starting the position.
(Eligibility for certification isdefined as having a passing grade on pre-certification exam.)
• Strong verbal and writtencommunication skills are required.
• A high degree of initiative,attention to detail, rapid comprehension of complex subjects/systems and self-learningare required.
• Experience with policy andprocedure writing.
Basic knowledge of securitypractice
Cone Health is an equal opportunity employer. If you require assistance with our online job submission process, please contact our team at 866-266-3767 to request an accommodation.