Key Responsibilities:
An Information Security Specialist interprets information security policies, standards and other requirements as they relate to internal information system and coordinates the implementation of these and other information security requirements.
The Information Security Specialist redesigns and reengineers internal information handling processes so that information is appropriately protected from a wide variety of problems including unauthorized disclosure, unauthorized use, inappropriate modification, premature deletion, and unavailability.
The Information Security Specialist will provide highly specialized experience in one or more information, computer, or network security disciplines (e.g. penetration testing, accreditation, or risk assessment and mitigation); develop system security plans, certification and accreditation reviews; analyze and establish processes for comprehensive systems and data protection; assess and mitigate system security threats and risks; perform security audits, evaluation, risk assessments and make strategic recommendations; and manages, supports, installs and maintains security tools and systems, and tracks security patches and incidents.
The Information Security Specialist will possess knowledge and experience in standard methodologies used in certification and accreditation processes; extensive experience following NIST guidelines in risk assessment and management; conducting vulnerability analysis; developing mitigation plans; and performing penetration testing, password protection testing and application security testing.
This Classification must have a minimum of five (5) years of experience applying security policies, standards, testing, modification and implementation.
At least three (3) years of that experience must be in information security analysis.
This classification requires the possession of a bachelor’s degree in an IT-related or Engineering field.
Additional qualifying experience may be substituted for the required education on a year-for-year basis.
Global Information Assurance Certification (GIAC) Exploit Researcher and Advanced Penetration Tester (GXPN)
Offensive Security Experienced Penetration Tester (OSEP)
GIAC Penetration Tester (GPEN)
Offensive Security Certified Professional (OSCP)
Offensive Security Exploit Developer (OSED)
Offensive Security Exploitation Expert (OSEE)
Offensive Security Web Expert (OSWE)
CompTIA PenTest+
Certified in Risk and Information Systems Control (CRISC)
Certified Information Systems Security Professional (CISSP)
Certified Information Systems Auditor (CISA)
Qualifications:
Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.
Professional certifications such as CISSP, CISM, CEH, or equivalent.
Proven experience as an Information Security Specialist or similar role.
In-depth knowledge of security protocols, cryptography, and risk management.
Experience with security tools and technologies (e.g., firewalls, SIEM, IDPS).
Empowering the Future of Healthcare
The healthcare Industry is on the brink of a paradigm shift where patients are increasingly being viewed as empowered consumers, utilizing digital technologies to better understand and manage their own health. As a result, there is a growing demand for a range of patient-centric services, including personalized care that is tailored to each individual's unique needs, health equity that ensures access to care for all, price transparency to make healthcare more affordable, streamlined prior authorizations for medications, the availability of therapeutic alternatives, health literacy to promote informed decision-making, reduced costs, and many other initiatives designed to improve the patient experience.
ClinDCast is at the forefront of shaping the future of healthcare by partnering with globally recognized healthcare organizations and offering them innovative solutions and expert guidance. Our suite of services is designed to cater to a broad range of needs of healthcare organizations, including healthcare IT innovation, electronic health record (EHR) implementation & optimizations, data conversion, regulatory and quality reporting, enterprise data analytics, FHIR interoperability strategy, payer-to-payer data exchange, and application programming interface (API) strategy.
