IT Security Analyst/Project Manager (PT4) - HSC Information Technology Services
Job posting number: #7067010
Posted: June 17, 2020
Application Deadline: Open Until Filled
The Health Sciences Center Department of Information Technology Services at West Virginia University is seeking applications for a IT Security Analyst/Project Manager (Professional Technologist 4). This position provides security, project management, and technical support for the devices at the WVU Health Sciences Center. This position is a key member of the Health Sciences Information Security team responsible for remediation plans for network vulnerabilities, securing sensitive information, removal of viruses or malicious software, and performing as a lead during incident response. This position will also function as the lead for data loss prevention, anti-virus management, assist with security risk assessments, as well as policy review and creation at the WVU Health Sciences Center. The position will function as a project manager for security related initiatives at the HSC, including offsite locations and the Morgantown, Charleston, and Eastern-division campuses.
In order to be successful in this position, the ideal candidate will:
Provides project management leadership for HSC ITS using industry proven security and compliance risk management methods and techniques.
Manages security and compliance for projects from inception to completion to help move forward organizational goals and objectives
Review Data Usage Agreements and vendor contracts to ensure Research projects and contractual agreements between WVU and external/internal entities meet Information Technology security and privacy compliance requirements prior to finalizing agreements.
Participate on research data committee and meetings.
Provides security services to all office locations and the Morgantown, Charleston, and Eastern campuses.
Work with project teams to develop, document, and execute test plans for accuracy of business processes, testing, setup, enhancements, customizations etc.
Serve as a security and risk project management process authority, providing project status to HSC IT management and business areas.
Independently analyzes, prioritizes and communicates project security and compliance risks to senior management.
Design and execute technical research projects
Manage and direct IT vendors to provide high quality networks, systems, and technical support to meet the security and compliance requirements for the WVU Health Sciences Center.
Oversee growth of IT infrastructure
Provide technical assistance on security risk assessments of infrastructure and system
Be a hands-on technology resource, shaping the concept and seeing it through to detailed design and implementation across a variety of devices and platforms.
Functions as the lead security analyst for Vulnerability Management, Issue Management, and Incident Response for all computers at the Health Sciences Center.
Works with the IT Security Director and the Director of Support Services to ensure computers are updated, protected with the universities Anti-Virus solution and ensures data is protected.
Recommend and implement approved improvements to information security systems, policies, procedures and standards.
Functions as a backup administrator for data loss prevention to ensure sensitive data is removed from computers such as PHI, SSN, and Credit cards
Work with and assist departmental computer support contacts and data stewards to ensure sensitive information is remediated and antivirus clients are updated.
Troubleshoots security related issues with hardware and software problems that may arise on Health Sciences Center computers, LANs and VoIP phones.
Must maintain a flexible work schedule as some evening and weekend work may be required.
Must be on call to respond to network emergencies/helpdesk support 24 hours a day, seven days a week.
Function as a lead point of contact on all security related issues and act as liaison between HSC Information Technology Services Help desk, WVUH Help Desk, and all other communication areas of the enterprise.
Bachelor's degree in Information Technology/Cyber Security, Computer Science, Computer Engineering, Information Systems, or related field and/or equivalent experience.
Five (5) years of experience; Or an equivalent combination of education and experience.
Knowledge of computer security issues, requirements and trends including an awareness of information security laws (such as HIPAA and FERPA) and accented industry practice.
Ability to build collaboration and establish rapport with faculty, staff, students, and administrators.
Strong working knowledge of information technology security and compliance.
Intelligent, articulate, and persuasive leader who communicates information security-related concepts to a diverse range of technical and non-technical staff
Federal and state regulations and knowing what measures must be taken for compliance
Strong oral and written communication skills
Knowledge of design, installation, and implementation of complex networks in an educational or healthcare environment and awareness of information security laws such as HIPAA, and accepted industry practice.
Working knowledge of Microsoft Active Directory, Mac OSX, and Linux Operating Systems.
General knowledge network protocols, including TCP/IP.
Proven experience with security vulnerability management, anti-virus, and data loss prevention tools.
Experience in delivering and supporting network systems with stringent security requirements meeting