Job Description
IntroductionDo you want to join an organization that invests in you as a(an) Consulting Information Security Analyst? At HCA Healthcare, you come first. HCA Healthcare has committed up to $300 million in programs to support our incredible team members over the course of three years.BenefitsHCA Healthcare, offers a total rewards package that supports the health, life, career and retirement of our colleagues. The available plans and programs include:Comprehensive medical coverage that covers many common services at no cost or for a low copay. Plans include prescription drug and behavioral health coverage as well as free telemedicine services and free AirMed medical
options for dental and vision benefits, life and disability coverage, flexible spending accounts, supplemental health protection plans (accident, critical illness, hospital indemnity), auto and home insurance, identity theft protection, legal counseling, long-term care coverage, moving assistance, pet insurance and more.Free counseling services and resources for emotional, physical and financial wellbeing401(k) Plan with a 100% match on 3% to 9% of pay (based on years of service)Employee Stock Purchase Plan with 10% off HCA Healthcare stockFamily support through fertility and family building benefits with Progyny and adoption assistance.Referral services for child, elder and pet care, home and auto repair, event planning and moreConsumer discounts through Abenity and Consumer DiscountsRetirement readiness, rollover assistance services and preferred banking partnershipsEducation assistance (tuition, student loan, certification support, dependent scholarships)Colleague recognition programTime Away From Work Program (paid time off, paid family leave, long- and short-term disability coverage and leaves of absence)Employee Health Assistance Fund that offers free employee-only coverage to full-time and part-time colleagues based on income.Learn more about Employee BenefitsNote: Eligibility for benefits may vary by
contribute to our success. Every role has an impact on our patients' lives and you have the opportunity to make a difference. We are looking for a dedicated Consulting Information Security Analyst like you to be a part of our team.Job Summary and QualificationsThe Consulting Information Security Analyst is responsible for leading, driving, and, in some cases, implementing Information Protection & Security (IPS) activities. He or she serves as a liaison between local leadership, corporate SMEs, and IPS leadership. Consulting ISAs operate independently with minimal supervision from the DISA and provide mentoring to less-experienced ISAs.Consulting ISAs are responsible for leading the ongoing maturation of the IPS Program, including: driving consistency and visibility of IPS risk management activities; working with business owners to protect patients and prevent data loss; and rounding with leadership to reduce or eliminate risky behaviors. This role is responsible for helping workforce members appropriately comply with the company's IPS requirements.Consulting ISAs are tasked with the most complex work efforts, requiring them to leverage their IT, security, and business experience to address IPS program deficiencies while meeting patient care and business needs. This role requires extensive focus on building and expanding relationships with key stakeholders such as leadership; workforce members; physicians; IT teams; business owners; vendors; and other people and entities who support IPS objectives and activities.Major Responsibilities:Risk ManagementCoordinate and perform risk assessments using corporate-provided tools and
and manage execution of corrective action plans to address deficiencies identified during risk assessments.Ensure the designated committee (e.g., Facility Security Committee, Facility Ethics & Compliance Committee) receives, documents, tracks, investigates, and sponsors remediation of security control deficiencies, suspected IPS incidents, and complaints. Provide education and guidance to ensure these committees make informed, risk-based decisions necessary to balance business needs and security objectives.Represent IPS needs in strategic planning, budgeting, and work prioritization processes.Drive ongoing compliance with IPS policies, standards, and operational procedures.Work with leaders to submit and approve exceptions to IPS standards.Lead audit response activities to address IPS issues identified by Internal Audit or external auditors (e.g., CMS HIPAA Security audits).Issues Tracking and ResolutionSupport, coordinate, and manage incident response and investigation activities.Investigate information leaving the organization with appropriate leadership (i.e. Manager, ECO, HR, Legal)Coordinate with HR Director, Facility Privacy Official and Ethics & Compliance Officer to ensure that sanctions related to IPS issues are applied appropriately and consistently.Perform follow-up education and consultation with workforce members with risky behaviors and/or behaviors that violate Company policies and standards.ExecutionRound to build and strengthen relationships with workforce members at all levels and to educate staff on how to reduce or eliminate risky behaviors.Facilitate, and lead where appropriate, proactive IPS communication and awareness activities, including coordinating with HR and training departments to ensure that periodic workforce training includes company-required IPS content.Assist with and manage the review and approval of user requests for high-risk access.Assist the IPS Director in driving key elements in the enterprise and division IS programs to ensure that required processes are adopted and maintained.Lead and coordinate implementation and adoption of technology and processes changes.Vendor Systems SecurityCollaborates with system business owners to ensure vendor contracts are in place for department IT systems and services.Work with appropriate business leadership and supply chain to help ensure specific systems, services, and devices receive proper assessments and
with appropriate business, IT, supply chain, and corporate IPS stakeholders to help ensure systems, services, and devices receive proper security assessments and
with system business owners and vendors to document system vulnerabilities and document mitigation controls or remediation actions.Ensure vendor systems use approved connectivity, remote management and monitoring.Education & Experience:Bachelor's degree and 7+ years of experience in a relevant field OR High School Graduate/Equivalent and 14+ years of experience in a relevant field- RequiredMaster's degree -PreferredOr equivalent combination of education and/or experienceLicenses, Certifications, & Training:CISSP, CISA, HCISPP, CHC, CHPC, CHSP, CISM or other relevant certifications in information security or privacy- PreferredHCA Healthcare has been recognized as one of the World's Most Ethical Companies® by the Ethisphere Institute more than ten times. In recent years, HCA Healthcare spent an estimated $3.7 billion in cost for the delivery of charitable care, uninsured discounts, and other uncompensated expenses."Good people beget good people."- Dr. Thomas Frist, Sr.HCA Healthcare Co-Founder We are a family 270,000 dedicated professionals! Our Talent Acquisition team is reviewing applications for our Consulting Information Security Analyst opening. Qualified candidates will be contacted for interviews. Submit your resume today to join our community of caring!We are an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Job Tags
Full time, Temporary work, Part time, Local area, Remote job, Flexible hours,