The Sr. Information Security Analyst assists the Manager, Information Security Program (MISP), in defining, managing, and coordinating the diverse set of information security and internal controls related activities comprising the Seattle Children's Information Security Program. The Information Security Program activities focus on helping the Seattle Children's community ensure confidentiality, integrity, availability, authenticity, and non-repudiation of critical information system resources and related activities, including but not limited to, data/information, application software, servers and desktop hardware, physical assets, network and telecommunications, and services. The incumbent will support Information Services and Business Operations management in their efforts to identify and mitigate risks, implement necessary mitigating safeguards and controls, implement ongoing monitoring activities and countermeasures, and coordinate the multitude of activities that protect Seattle Children's information assets from intentional or inadvertent modification, disclosure or destruction, and provide support for applicable legal and regulatory requirements. The incumbent will provide monitoring and compliance tracking for the protection of information assets to business units throughout the Seattle Children's enterprise based on the organization?s risk assessment, and is a key member of the various information security work groups. With the MISP, is responsible for recommending and assisting in the development and implementation of appropriate information security policies, standards, procedures, and guidelines required to safeguard information resources.
Required:
- Bachelor's Degree or equivalent work experience in Computer Science , Information Management, or related technology field
- At least five (5) years of technology and/or information security experience
- At least three (3) years experience with network, server, or application security technologies and concepts
Preferred:
- Desired Certifications: CISSP, (ISSAP, ISSEP, ISSMP), GIAC, CISM, SSCP, CEH, CHS-III, TICSA, ISSPCS:P, CCSA, CIWSA, CCS, Security+, or other industry certifications customarily held by security and enterprise technical architects
- Computer and network forensics experience
- At least two (2) years professional services experience
