Information Security Analyst

Silver Spring, Maryland-Silver Spring
Aug 21, 2021
Sep 25, 2021
Full Time
Your north star: protect Children's National and our patients, families, and staff by identifying and manage cybersecurity risks to our environment.

Position summary
The Information Security Analyst will protect CNH through the implementation, management, and continual improvement of our cybersecurity program. She or he will partner with colleagues across the department and the hospital to identify and manage cybersecurity risks. She or he is a doer who is equally comfortable overseeing partners, mentoring junior staff, influencing colleagues, and rolling up his/her sleeves and executing.


Minimum Education
Bachelor's Degree in a computer science, math, engineering or another relevant discipline (Required)

Minimum Work Experience
3+ years of experience in cybersecurity with a focus on incident response, cybersecurity operations, analysis, forensics and/or investigations (Required)

Required Skills/Knowledge
Experience leading risk assessments, audits, policy, governance, and/or reporting, preferably in a healthcare organization
Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences
Exposure to multiple security domains: risk, operations, engineering, architecture, exercises, training, etc.
Breadth of knowledge across many cybersecurity frameworks and standards with implementation experience in at least one (e.g. NIST CSF, NIST RMF/800 series, ISO/IEC 27001/2, OWASP, Mitre ATT&CK framework, SNAS CIS, etc.)
Experience with relevant legal and regulatory frameworks (e.g. HIPAA/HITRUST and PCI/DSS)

Functional Accountabilities

Core areas of responsibility that fall under this role include:
1. Drafting CNH security standards, policies, processes, and guidelines
2. Performing risk assessments of existing or new services, technologies, and vendors
3. Advising the security leadership on risk management issues and recommendations
4. Coordinating with business units, and across other stakeholders (including technology, legal, risk, compliance, and privacy, and ecosystem partners) to assess, implement, and monitor security risks & mitigations
5. Managing the trade-offs required to account for varying levels of risk tolerance, risk exposure, and security controls across the organization
6. Collaborating with the CN legal, risk, compliance, and privacy staff to monitor and ensure industry and government rules and regulations (HIPAA, PCI/DSS, etc)
7. Reporting on performance against established security metrics
8. Preparing clear and concise briefings for the CNH stake holders

Organizational Accountabilities
To be successful in this role you will need to be:
1. A team player who excels at supporting colleagues and focusing on shared results
2. An innovator who knows what it takes to execute and has a history of setting and meeting ambitions goals
3. A highly dependable "doer" who can work with little supervision while being resilient to change
4. A good listener who can check your ego at the door, allowing you to receive and provide candid feedback and criticism
5. Kind
6. An individual of high personal integrity who is able to act calmly in high-pressure and high-stress situations

Organizational Commitment/Identification

1. Anticipate and responds to customer needs; follows up until needs are met


1. Demonstrate collaborative and respectful behavior
2. Partner with all team members to achieve goals
3. Receptive to others' ideas and opinions

Performance Improvement/Problem-solving

1. Contribute to a positive work environment
2. Demonstrate flexibility and willingness to change
3. Identify opportunities to improve clinical and administrative processes
4. Make appropriate decisions, using sound judgment

Cost Management/Financial Responsibility

1. Use resources efficiently
2. Search for less costly ways of doing things


1. Speak up when team members appear to exhibit unsafe behavior or performance
2. Continuously validate and verify information needed for decision making or documentation
3. Stop in the face of uncertainty and takes time to resolve the situation
4. Demonstrate accurate, clear and timely verbal and written communication
5. Actively promote safety for patients, families, visitors and co-workers
6. Attend carefully to important details - practicing Stop, Think, Act and Review in order to self-check behavior and performance

Childrens National Hospital is an equal opportunity employer that evaluates qualified applicants without regard to race, color, national origin, religion, sex, age, marital status, disability, veteran status, sexual orientation, gender, identity, or other characteristics protected by law.

Similar jobs

More searches like this