Logo
Cherokee Indian Hospital Authority

Information Security Technician Job at Cherokee Indian Hospital Authority in Che

Cherokee Indian Hospital Authority, Cherokee, NC, United States

Job Description

Job Description
Job Title: Information Security Technician (InfoSec)

Job Code: INSTECH
Department: Information Technology
Division: Operations
Salary Level: Non-Exempt 9
Reports to: Information Security Specialist
Last Revised: October 2024

Job Summary

The Information Security Technician supports CIHA's cybersecurity efforts by working closely with the Information Security Specialist, CIO, CISO, Deputy Director of Information Technology, and Help Desk Support Supervisor. Responsibilities include managing cybersecurity systems, conducting user training, and performing risk assessments. The role also involves incident response, evaluating security tools, and maintaining Multi-Factor Authentication (MFA) resources.

Essential Duties and ResponsibilitiesCybersecurity Administration and Support
  • Provide technical support and training to CIHA computer network users to address cybersecurity issues.
  • Assist in risk assessments to identify infrastructure and application vulnerabilities.
  • Support forensic investigations related to threats or incidents and implement mitigation strategies.
  • Monitor and enforce user compliance with security awareness training and testing.
  • Manage inventory and distribution of MFA cards and related security equipment.
  • Participate in evaluating, recommending, and purchasing new security technologies and software.
Incident Response and Threat Management
  • Assist in responding to security incidents, including triage, root cause analysis, and communication, following the CIHA Incident Response Plan.
  • Identify and report recognized or potential cybersecurity threats.
  • Promote security and controls awareness throughout CIHA.
Training and Collaboration
  • Conduct individual and group cybersecurity training sessions, including for new employee orientation.
  • Collaborate with external consultants or vendors to address CIHA cybersecurity needs.
  • Keep current with emerging cybersecurity technologies and recommend future changes for CIHA systems.
Additional Responsibilities
  • Provide technical support for IT service personnel addressing security-related issues.
  • Ensure adherence to CIHA safety guidelines and policies.
  • Perform other duties as assigned.
Education, Experience, and Certifications
  • Education: Associate degree or higher in system administration, network security, network administration, or related field.
  • Experience:
    • At least two years of system support experience required.
    • One year of direct experience with HIPAA preferred.
    • Background in Governance, Risk, and Compliance (GRC) preferred.
    • Cybersecurity Specialist experience preferred.
  • Certifications:
    • Security+ certification required within one year of hire.
  • Licenses: Valid North Carolina driver's license required.
Job Knowledge
  • Expertise in infrastructure development and operations.
  • Proficiency in vulnerability scanning, antivirus, and security software.
  • Familiarity with penetration testing is preferred.
  • Advanced knowledge of information systems technology, computer troubleshooting, and technical concepts.
  • Strong written and verbal communication skills to interpret technical manuals and provide support.
  • Ability to work independently and collaboratively in a team environment.
  • Demonstrated tact, problem-solving, and attention to detail in managing security-related issues.
Complexity of Duties
  • Evaluate, troubleshoot, and modify cybersecurity configurations to meet operational requirements.
  • Prioritize and interpret technical issues to ensure uninterrupted service.
  • Provide effective training and communication to new and existing users of security technologies.
  • Stay updated on regulatory compliance and ensure systems align with CIHA policies and procedures.
Contacts with Others
  • Frequent interaction with program directors, healthcare providers, coworkers, auditors, governmental agencies, and vendors.
  • Professional communication, tact, and decorum are essential to maintain effective working relationships.
Confidential Data
  • Access to CIHA medical data, personnel files, financial information, and other sensitive data.
  • Strict adherence to confidentiality policies, including HIPAA, is required.
  • Violations of confidentiality may result in disciplinary action.
Mental, Visual, and Physical Demands
  • Close attention to detail and mental concentration required for extended periods.
  • Frequent interruptions necessitate multitasking and prioritization.
  • Physical requirements include mobility, manual dexterity, and the ability to lift up to 50 pounds.
Work Environment
  • Primarily office-based, with occasional travel to other locations.
  • Requires availability for 24/7 on-call support in the event of security breaches or emergencies.
Supervision Received
  • Works under the general supervision of the Information Security Specialist, CIO, and Deputy Director of IT.
  • Exercises initiative and judgment in independently planning and performing job duties.
Responsibility for Accuracy
  • Must ensure cybersecurity systems function as intended to protect CIHA operations and data.
  • Errors could lead to financial and reputational damage.
Customer Service

Demonstrates superior customer service skills in alignment with CIHA’s Mission, Vision, Values, and Guiding Principles. Proactively seeks opportunities to support patients, staff, and external partners with professionalism and courtesy.