Job Description
NYU Langone Health is a world-class, patient-centered, integrated academic medical center, known for its excellence in clinical care, research, and education. It comprises more than 200 locations throughout the New York area, including five inpatient locations, a children’s hospital, three emergency rooms and a level 1 trauma center. Also part of NYU Langone Health is the Laura and Isaac Perlmutter Cancer Center, a National Cancer Institute designated comprehensive cancer center, and NYU Grossman School of Medicine, which since 1841 has trained thousands of physicians and scientists who have helped to shape the course of medical history. At NYU Langone Health, equity, diversity, and inclusion are fundamental values. We strive to be a place where our exceptionally talented faculty, staff, and students of all identities can thrive. We embrace diversity, inclusion, and individual skills, ideas, and knowledge. For more information, go to nyulangone.org, and interact with us on LinkedIn, Glassdoor, Indeed, Facebook, Twitter, YouTube and Instagram.
Position Summary:
We have an exciting opportunity to join our team as a Sr. II Analyst – Security.
In this role, the successful Analyst is responsible for developing, implementing, and maintaining information security policies and standards that align with the organization’s business objectives and comply with legal and regulatory requirements. The analyst will work closely with various departments to assess security risks, analyze security requirements, and develop policies and standards to mitigate those risks. These documents establish the framework for the Medical Center IT department (MCIT) to operate consistently and comply with related industry standards and regulations (i.e., HIPAA, Meaningful Use, FISMA, PCI, FERPA).
The position reports to the Chief Information Security Officer and to the Lead of IT Risk and Governance.
Job Responsibilities:
- Develop, implement, and maintain information security policies, standards, and procedures that are aligned with the organization’s business objectives and comply with legal and regulatory requirements.
- Collaborate with other teams, such as IT, legal, and compliance, to ensure alignment of security policies and practices.
- Excellent verbal communication and presentation skills and ability to present security concepts to a wide range of audiences.
- Excellent technical writing skills (English) and ability to understand and translate complex cyber security requirements into clear and organized written form.
- Work closely with stakeholders to identify and assess risks to the organization’s information systems and assets.
- Participate in audits and assessments to ensure compliance with security policies and procedures.
- Stay current with industry developments and emerging threats and provide recommendations for improving the organization’s security posture.
- Ensure compliance with relevant laws, regulations, and industry standards, such as GDPR, HIPAA, PCI-DSS, and ISO 27001.
- Maintain a repository of recommended policy changes and status of each recommendation on an ongoing basis.
- Work with IT subject matter experts to ensure policies and standards reflect their procedures.
- Create and publish security-related communications to inform users of emerging threats and offer education on industry trends (i.e. 2 factor, DLP, etc.) affecting the security posture of the institution.
Minimum Qualifications:
To qualify you must have a Bachelor’s degree from an accredited college/university; Master’s degree from an accredited college/university preferred
Minimum 5 years of progressive experience in IT security policy and compliance management programs for healthcare or academic medical centers; interaction with and support of clients; risk management and other GRC responsibilities within a large healthcare organization.
Demonstrated experience with IT security governance, security education, security scorecards, and ability to work under aggressive deadlines with competing priorities.
Qualified candidates must be able to effectively communicate with all levels of the organization.
NYU Langone Health provides its staff with far more than just a place to work. Rather, we are an institution you can be proud of, an institution where you’ll feel good about devoting your time and your talents.
NYU Langone Health is an equal opportunity and affirmative action employer committed to diversity and inclusion in all aspects of recruiting and employment. All qualified individuals are encouraged to apply and will receive consideration without regard to race, color, gender, gender identity or expression, sex, sexual orientation, transgender status, gender dysphoria, national origin, age, religion, disability, military and veteran status, marital or parental status, citizenship status, genetic information or any other factor which cannot lawfully be used as a basis for an employment decision. We require applications to be completed online.
If you wish to view NYU Langone Health’s EEO policies, please click here. Please click here to view the Federal “EEO is the law” poster or visit https://www.dol.gov/ofccp/regs/compliance/posters/ofccpost.htm for more information.
NYU Langone Health provides a salary range to comply with the New York City Law on Salary Transparency in Job Advertisements. The salary range for the role is $92,066.00 – $127,258.56 Annually. Actual salaries depend on a variety of factors, including experience, specialty, education, and hospital need. The salary range or contractual rate listed does not include bonuses/incentive, differential pay or other forms of compensation or benefits.
To view the Pay Transparency Notice, please click here