Completes broad range of security tasks; daily operating systems (OSs)security administration and network security devices. Controls security technologies; antivirus, anti-spam, antispyware, security information and event management (SIEM) tools and web content management. Handles security monitoring, maintenance and compliance.
- Performs user and access administration on designated systems, technology platforms and applications, in accordance with the defined policies, standards, procedures, best practices or vendor recommendations.
- Performs installation, configuration management and administration of security systems and applications.
- Evaluates policy, compliance tools, network security appliances and network or host-based security systems.
- Responds to resolves or escalates reported security incidents.
- Follows up on security events reported by SIEM tools or in system and event logs.
- Performs threat and vulnerability assessments and takes remedial action.
- Researches threats and vulnerabilities and takes action to mitigate threats and remediate vulnerabilities.
- Produces monthly exception and management reports.
- Communicates to increase awareness of applicable security policies and standards.
- Assists and trains team members in the use of security tools, the preparation of security reports and the resolution of security issues.
- Represents the security team on development and deployment projects and other formal work groups and committees.
- Other duties as assigned.
- Bachelor’s Degree in information systems or equivalent work experience.
- Knowledge of information security principles: risk assessment, intrusion detection, network access control (NAC), threat and vulnerability management, identity and access management (IAM) required.
- Certifications from vendors or independent security organizations are preferred.
COMPLEXITY OF WORK:
- Within scope of job, requires critical thinking skills, decisive judgment and the ability to work with minimal supervision.
- Must be able to work in a stressful environment.
- Minimum four years information technology or network security experience.
- Technical proficiency with security-related systems and applications including Web Content Management required.
- Experience developing, documenting and maintaining security procedures.
- Experience handling network infrastructure; routers, switches, firewalls, and associated network protocols and concepts also required.
- Requires manual dexterity to operate computer, frequent sitting, standing, walking and normal or corrected vision, hearing, speaking.
PERSONAL PROTECTIVE EQUIPMENT:
- Follows standard precautions using personal protective equipment as required.
The policy of Cleveland Clinic and its system hospitals (Cleveland Clinic) is to provide equal opportunity to all of our employees and applicants for employment in our tobacco free and drug free environment. All offers of employment are followed by testing for controlled substance and nicotine. Job offers will be rescinded for candidates for employment who test positive for nicotine. Candidates for employment who are impacted by Cleveland Clinic’s Smoking Policy will be offered smoking cessation assistance and will be permitted to reapply for open positions after 90 days. Decisions concerning employment, transfers and promotions are made upon the basis of the best qualified candidate without regard to color, race, religion, national origin, age, sex, sexual orientation, marital status, ancestry, status as a disabled or Vietnam era veteran or any other characteristic protected by law. Information provided on this application may be shared with any Cleveland Clinic facility.
Cleveland Clinic is pleased to be an equal employment employer: Women/Minorities/Veterans/Individuals with Disabilities