Information Security Analyst- Device, App, and Network

Recruiter
MFA
Location
Arlington, Virginia, United States
Salary
USD 36.54 - 49.86 per hour
Posted
26 Dec 2024
Closes
25 Jan 2025
Ref
4058486696081347049
Employer Sector
Technology, IT & Telecoms
Contract Type
Permanent
Hours
Full Time
Position Summary

This position supports the Medical Faculty Associates ("MFA") including, but not limited to assessing potential and actual risk to MFA data, business, and IT infrastructures that support its clinical, academic, research, and administrative functions. The position ensures collaborative outcomes with external vendors, affiliates, and partners with internal and external stakeholders to improve processes, mitigate risks, and remediate vulnerabilities related to IT governance, risk, and compliance.

Essential Duties and Responsibilities

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Other duties may be assigned.

  • Conduct detailed security and third-party risk assessments to ensure projects and initiatives align with MFA compliance policies, standards, and procedures as well as HIPM, HITRUST, HITECH, and other government and medical agencies' regulations
  • Recommend remediation strategies including risk-based prioritization of action items and identification of mitigating controls; as well as evaluate, develop, and recommend new information security assessment tools/techniques
  • Develop HIPM-related training and awareness
  • Collaborate with key stakeholders to identify, manage and, where appropriate, accept/ track risk
  • Develop and implement security policies, standards and in line with HIPAA to ensure enterprise-wide risk mitigation
  • Support and coordinate compliance-focused units and programs
  • Contribute to and develop best practices, strategies, methodologies, and documentation/templates
  • Experience in hybrid environments involving hybrid on-premises and public/private cloud as well as numerous vendor-specific Saas solutions
  • Participate in 24x7 on-call rotation
  • The omission of specific duties does not prevent the supervisor from assigning duties that are logically related to the position

Minimum Qualifications

Education

  • A Bachelor's in Computer Science or an equivalent combination of training and experience

Experience

  • A minimum of 3 years of experience in IT operations or IT security

Physical Requirements

  • Walk, stand, and reach outward on a constant basis in an office setting.
  • Must be able to occasionally lift, carry, push, or pull over 100 lbs. as part of the role.
  • Regularly exposed to healthcare settings that may require personal protective equipment.
  • Requires manual dexterity to operate a computer keyboard, calculator, copier machine, and other equipment.

About GW MFA

MFA physicians provide comprehensive patient care, offering one practice for the whole person with 52 medical and surgical specialties. As members of the GW School of Medicine and Health Sciences faculty, MFA providers are teachers and mentors for medical students, residents, fellows, and researchers preserving the rich tradition of academics, research, and healing. In addition to maintaining a closely integrated alliance with The George Washington University and The George Washington University Hospital (GWUH) which is separately owned and operated by Universal Health Services (UHS), the GW MFA has active referring relationships with 12 area hospitals.

The GW MFA's leading healthcare presence in the DC metro region is complemented by a network of community-based practices in DC, Maryland, and Virginia. Given its geographic location in central NW Washington, DC, and proximity to more than 175 resident embassies, the MFA continues to evolve its international clinical outreach.

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c)