Associate Information Security Specialist

Basic education, experience and skills required for consideration:
Minimum Education:

• Bachelor’s Degree; Experience may substitute for the minimum educational requirements.
• 1+ years of experience in a technology related field. 0 years of experience in a technology related field with Bachelors.

Required Certification/Licensure:

• GSEC - GIAC’s Security Essentials Certification (or within 12 months of hire) 
• Any other certification is highly desirable: 
• CISA – Certified Information Systems Auditor
• GIAC:
• GISP – Information Security Professional, 
• GSEC – Security Essentials Certification, 
• SSCP- Systems Security Certified Practitioner, 
• GISF- Information Security Forensics, 
• CBCP - Certified in Business Continuity Planning

Preferred education experience and skills:

• Working knowledge of Information Security tools, practices, policies and processes in a multi-vendor environment with an emphasis on risk analysis, risk assessment and risk management.  
• Excellent verbal and written communication skills and clear articulation of complex issue and problem-resolution skills a must. Comprehensive understanding of the regulatory environment including HIPAA, PCI, Red Flags, CaSB1386; and, information security frameworks i.e. NIST, FIPS, FISMA, ISO, and Cobit.  Knowledge of design, implementation, and maintenance of: security incident and event management (SIEM), local area networks and firewalls, Active Directory, group policy objects, scripting, vulnerability scanning, encryption, IDS/IPS, web filtering, LDAP, multi-factor authentication systems, exploits and hacker techniques, and, network and operating system security principles. 
• Hospital/healthcare industry experience is desirable, but not required.
• Excellent verbal and written communication and organizational skills
• Interpersonal and negotiating skills 
• Foster/promote a professional image
• Works well independently or on multiple projects as a project team member

Knowledge of any of the following is desirable:

• Security Incident and Event Management systems
• Identity and Access Management solutions
• Log monitoring software 
• Vulnerability Management tools
• Database vulnerability and monitoring tools
• VMware (virtual machine software)
• Firewall
• Encryption software
• Anti-malware and anti-virus detection software
• VPN Technologies
• Event Collection software
• Event Correlation software
• Firewalls
• Unix/Linux OS
• Microsoft Windows 2003 servers
• Microsoft Windows Vista and XP
• Microsoft Exchange
• Network Analysis Software
• Routers / Switches
• IIS, HTTPS, SSL, SSH, POP3, DNS, FTP
• Snort, Nmap, Snoop, Tcpdump, Wireshark

Occasionally covers varied shifts, weekends and holidays.  
Occasional travel required

City of Hope is committed to creating a diverse environment and is proud to be an equal opportunity employer.  All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, sexual orientation, gender identity, age, status as a protected veteran, or status as a qualified individual with disability.  #LI-CL