Organization:

　　SHSO-Sutter Health System Office-Valley

　　Position Overview:

　　Serves as the first point of contact for assigning, scheduling, and conducting security risk reviews for Sutter Health Information Services (IS) systems and solutions, as well as external partners and vendors. Performs and validates skilled technical security reviews and security assessments for large and complex information systems in alignment with the Sutter Health information security controls framework, state and federal regulations, and industry security best practices, culminating in the production of security risk assessment reports. Functions as a technical advisor to security leadership, IS departments, and Sutter Health business units on security-related issues and risks, and provides support by leading resolution on complex security issues and initiatives. Provides security training to IS staff members through new hire orientation, just-in-time training, and regular department training. Develops and/or reviews information security policies, procedures, standards, and guidelines to support Sutter Health business initiatives in alignment with regulatory requirements, security best practices, and evolving technologies. Conducts technical security-related research and analysis and translates the results into meaningful input to the Information Security program.

　　Job Description :

　　This is a hybrid role and the person hired for this role must come on site for work, meetings, etc.

　　EDUCATION:

　　Equivalent experience will be accepted in lieu of the required degree or diploma.

　　Bachelor's: Business, Computer Science, Engineering, Information Security, Management, Mathematics, Science, Technology, or related field

　　CERTIFICATION & LICENSURE:

　　CISSP-Certified Information Systems Security Professional Upon Hire

　　CHPC-Certified in Healthcare Privacy Compliance Upon Hire

　　TYPICAL EXPERIENCE:

　　5 years recent relevant experience.

　　SKILLS AND KNOWLEDGE:

　　Technical skills in planning, administration, and management of information systems, operational and technical security controls, and security risk analysis and management with expert knowledge of information systems security concepts, current information security trends, practices including security processes, methods, and procedures.

　　Thorough knowledge of software, hardware, databases, networks, firewalls, encryption, and other systems security devices, including a working knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP), Domain Name System (DNS), Dynamic Host Configuration Protocol (DHCP), Active Directory, network topologies, and intrusion detection systems.

　　Detailed knowledge regarding National Institute of Standards and Technology (NIST), Health Insurance Portability and Accountability Act/Health Information Technology for Economic and Clinical Health Act (HIPAA/HITECH), Federal Information Procession Standards (FIPS), and other related industry security standards, regulations, and best practices.

　　Expert knowledge of federal and state security and privacy-related regulatory requirements.

　　Superior business acumen and exceptional analytic skills, including the ability to analyze data and information, reach practical conclusions, recommend corrective actions, resolve conflicts, and institute effective changes.

　　Organizational and project management skills required, including the demonstrated ability to prioritize tasks, manage multiple projects simultaneously, and complete deliverables.

　　Exceptional attention to detail with time management and organization skills, including attention to detail, clear documentation, diagnostic capabilities and problem solving skills.

　　Superior communication (written/verbal), interpersonal, and presentation skills to explain complex technical or sensitive information clearly and professionally to diverse audiences and all levels of internal and external constituencies.

　　Robust computer skills, including an advanced knowledge of Microsoft Office Suite (Word, Excel, Outlook, Access, Access Control List (ACL)), Microsoft Visio or other flowcharting tool, various database architectures and related security and assessment tools and applications.

　　Ability to identify key concepts, factors, and risks based on conversations and document them in clear and concise narrative or graphic reports.

　　Ability to identify and solve complex problems, generate actionable recommendations, and make informed decisions based on the analysis of multiple sources of information while providing new perspectives on existing solutions.

　　Job Shift:

　　Days

　　Schedule:

　　Full Time

　　Shift Hours:

　　8

　　Days of the Week:

　　Monday - Friday

　　Weekend Requirements:

　　None

　　Benefits:

　　Yes

　　Unions:

　　No

　　Position Status:

　　Exempt

　　Weekly Hours:

　　40

　　Employee Status:

　　Regular

　　Number of Openings:

　　1

　　Sutter Health is an equal opportunity employer EOE/M/F/Disability/Veterans.

　　Pay Range is $47.28 to $70.92 / hour

　　The salary range for this role may vary above or below the posted range as determined by location. This range has not been adjusted for any specific geographic differential applicable by area where the position may be filled. Compensation takes into account several factors including but not limited to a candidate’s experience, education, skills, licensure and certifications, department equity, training and organizational needs. Base pay is just one piece of the total rewards program offered by Sutter Health. Eligible roles also qualify for a comprehensive benefits package.

　　All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, marital status, sexual orientation, registered domestic partner status, sex, gender, gender identity or expression, ancestry, national origin (including possession of a driver's license issued to individuals who did not present proof of authorized presence in the U.S.), age, medical condition, physical or mental disability, military or protected veteran status, political affiliation, pregnancy or perceived pregnancy, childbirth, breastfeeding or related medical condition, genetic information or any other characteristic made unlawful by local, state, or federal law, ordinance or regulation. External hires must pass a background check/drug screening. Qualified applicants with arrest and/or conviction records will be considered for employment in a manner consistent with Federal, state, and local laws, including but not limited to the San Francisco Fair Chance Ordinance.