Summary: The Information Security Application Analystplays a vital role as a member of the Cybersecurity Team within the CookChildren's Health Care System (CCHCS) Information Security Office. Cybersecurity supports the CCHCS mission through the use of informationsecurity tools and technologies that detect, prevent or mitigate threats to theconfidentiality, integrity and/or availability of informationresources. The Information Security Application Analyst willprimarily be responsible for ensuring that applications, websites and/orsoftware at CCHCS are implemented and/or supported in a secure manner. He/she will assist the Manager of the Cybersecurity Team to define the securitystandards, controls and architecture by which applications, websites and/orsoftware must comply. The Information Security Application Analyst willalso serve as a security liaison to the CCHCS application and web support teamsand participate as a consultant and/or team member on high-risk and/orhigh-visibility projects. He/she may be called upon for troubleshootingand/or support for application security related matters such as softwarepatching, website vulnerabilities, security certificates, architecture changes,etc. The Analyst will also have administrative responsibilities forcertain applications and/or tools that are used within the Information SecurityOffice.
Bachelor's degree required in the field of computer scienceor other related field and 4 years of professional experience working within aninformation security program requiring compliance with regulations such asHIPAA, PCI/DSS or equivalent.
Extensive critical thinking and application troubleshootingskills.
Experience in use of vulnerability scanning as part of arisk management program.
Excellent technical writing skills and ability tocommunicate effectively at all levels of the organization.
Experience identifying, measuring and mitigating riskrelated to development and/or implementation of websites and applications.
Licensure, Registration, and/or Certification:
CISSP, GIAC, CASE or equivalent security certifications area plus