Dignity Health

  • IT Security Analyst III - Remote Option

    Job ID
    Employment Type
    Full Time
    IT Security
    Hours / Pay Period
    Dignity Health System Office
    Optional Work Location
    Optional Work Location
    Optional Work Location
    US-CA-San Francisco
    Optional Work Location
    Standard Hours
    Mon-Fri (8-5 PM)
    Work Schedule
    8 Hour
  • Overview


    Dignity Health, one of the nation’s largest health care systems, is a 22-state network of more than 9,000 physicians, 63,000 employees, and 400 care centers, including hospitals, urgent and occupational care, imaging and surgery centers, home health, and primary care clinics. Headquartered in San Francisco, Dignity Health is dedicated to providing compassionate, high-quality, and affordable patient-centered care with special attention to the poor and underserved. In FY17, Dignity Health provided $2.6 billion in charity care, community benefit, and unpaid cost of government programs. For more information, please visit our website at www.dignityhealth.org. You can also follow us on Twitter and Facebook. 


    Position Summary:
    Follows established process for common requests and issues. Determines course of action on uncommon/unique requests.  Performs intermediate and complex tasks related to Security Risk Management processes. May act as an escalation point for other InfoSec Analysts. 
    • Provides assistance and support as requested to Security Engineering, IDM Engineering, Network Engineering, Security Risk Management and/or Information Security Ops.
    • Proactively identifies and escalates incidents as well as operational performance concerns.
    • Manage workload, prioritizing tasks and documenting time, and other duties as directed by management.
    • Assists in Continual Service Improvement efforts by identifying opportunities for process improvement. Drives some process improvement efforts.
    • Pursue continuing education to grow and maintain knowledge of best practices, compliance requirements, threats and trends in information security, translating into operational action items, policies, procedures, standards and guidelines as part of the IT Security team
    • Act as a security advocate for IT operations team’s adherence to Dignity Health policies and industry best practices.
    • Participate in the collection and documentation of departmental knowledge artifacts, participant in the development and population of knowledge management and collaboration systems for the IT Security team.
    • Communicates technical information to team members and across the IT Organization.
    • Assists Management in identifying knowledge gaps and providing training to Analysts and Technicians in the IT Security Organization as directed.
    • Assists in development of training material.
    • Provide subject matter expertise across the Governance, Risk and Compliance (GRC) organization and to business and clinical stakeholders in areas including HIPAA, PCI, NIST Cybersecurity framework and Dignity Health policies and standards.
    • Independently works with key stakeholders to support Governance, Risk and Compliance (GRC) initiatives across the enterprise, with an emphasis on assessing risk.
    • Support and improve information security governance, risk and control framework by conducting testing and internal control reviews and risk assessments.
    • Completes assigned responsibilities within service level objectives as assigned by management.
    • Provides consultation and guidance to Dignity Health business partners to ensure initiatives and projects are implemented in a compliant manner.


    Minimum Qualifications:
    • BA or BS in Computer Science, Technology, or Business discipline or equivalent experience is required.
    • 3-4 years’ experience in related job area (information security, identity/access management, IT Audit, forensics/eDiscovery) required.
    • 2-4 years of professional experience conducting Cybersecurity risk assessments required.
    • 2-3 years in risk assessments associated with 3rd and 4th party external entities
    • Experience in Windows Office (Work, Excel, etc.) required.
    • One or more relevant technical/professional security certifications  (such as:  COMP-TIA Network+ , Security+, SANS GIAC, CISSP, CRISC, CISA, or vendor-specific) required.

    Preferred Qualifications:

    • 3-5 years risk management GRC experience in the healthcare/medical environment preferred
    • 2-4 years experience in Cybersecurity governance, risk, and/or compliance in the healthcare/medical environment preferred
    • 2-4 years of audit, compliance, analytics, research, or legal in an industry outside of healthcare will be considered
    • 4-6 years of professional experience conducting Cybersecurity risk assessments desired.
    • 2-4 years’ experience in programing or system/network operations and administration preferred.
    • 1-2 years project management for minor projects experience preferred
    • Experience in UNIX/Linux OS and/or Cisco IOS preferred.
    • Experience in the Health Care industry and HIPAA desired
    • Experience with NIST Risk Management Framework, NIST Cybersecurity Framework desired
    • Experience in reviewing and revising cybersecurity content relative to contracts and statements of work is considered a plus
    • Experience using RSAM GRC products is considered a plus
    • Certified Risk and Information Systems Control (CRISC) or GRC Professional (GRCP) is considered a plus
    • Functional understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, PCI, Sarbanes-Oxley preferred.
    • Strong knowledge of healthcare environments preferred.
    • Two or more certifications relevant technical/professional security certifications  (such as:  COMP-TIA Network+ , Security+, SANS GIAC, CISSP, CRISC, CISA, or vendor-specific) preferred.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply, or can't find a relevant opportunity?

    Join one of our Talent Communities to learn more about a career at Dignity Health and experience #humankindness.