Accountable for supporting the implementation of Geisinger’s cybersecurity strategy under the direction of leadership. Proactively analyzes and anticipates changes in the cyber-threat landscape and actively participates in the design of effective countermeasures.. Responsible for the centralized tracking, management and reporting of cybersecurity technical issues and business risks. Performs risk assessment and management activities in regards to technology, process, and applications.
Job Duties Write policies, standards, procedures, guidelines, and other technical security documents.Design, implement, and enforce security policies that protect systems and data from security risksMaintain and manage cybersecurity GRC Metrics, risk tolerances/triggers.Develop automated reports and use data visualization tools to visualize GRC KPIs.Interpret audit request lists and perform evidence collection activities in support of various audits.Minimize user disruption due to burdensome security controls or duplicative evidence collection.Serves as a Serves as a direct contact and subject matter expert for highly technical and complex cybersecurity inquires relative to their assigned specialized areas.Conduct security third party risk management (TPRM) for Vendors at onboarding, contract review, RFP/RFI, and annual re-assessments while managing the continuous monitoring strategy.Provide risk consulting and/or training to business and technical partners to improve the efficacy of risk management across the enterpriseAssists the Cybersecurity Architect with development of specialized design and architecture for Geisinger's Cybersecurity Program including roadmaps, technical direction, and alignment of controls to protect and enable the business.Implement and track measures and metrics to ensure efficiency of solutions and return on investment in assigned area of specialty.Leads the implementation of a sustainable and effective process to monitor cyber-threat intelligence as reported by various public, IT product vendors, security analysts and government threat sources, as well as, integrate into current systems and future security designs through a continuous improvement effort.Develops and leads assigned cybersecurity projects to implement new security services, extend, or improve existing services.Successfully completes complex assignments on schedule with limited supervision or guidance.Develops and proactively evaluates and assesses current processes, procedures, capabilities and execute continuous improvement activities across the organization.Provides feedback and have direct involvement in the ongoing implementation and maintenance of the ISO’s Cybersecurity Strategic Plan, monitors and analyzes security event data produced from system logs, server and web, network components, and security systems to identify threats and unauthorized activity.Gathers, monitors, analyzes and reports observed cyber-threat activity as reported by various public, IT product vendors, security researchers and government threat sources.Provide guidance to associate level personnel for identifying and reporting on specific threat and vulnerability topics.Performs risk assessments on technology, processes, and applications as needed and communicates risk to proper stakeholders.Authors organizational policies and standards, as well as, departmental procedures focusing on cybersecurity.
Work is typically performed in an office environment. Accountable for satisfying all job specific obligations and complying with all organization policies and procedures. The specific statements in this profile are not intended to be all-inclusive. They represent typical elements considered necessary to successfully perform the job.
*Relevant experience may be a combination of related work experience and degree obtained (Associate’s Degree = 2 years; Bachelor’s Degree = 4 years).
Founded more than 100 years ago by Abigail Geisinger, the system now includes ten hospital campuses, a 550,000-member health plan, two research centers and the Geisinger Commonwealth School of Medicine. With nearly 24,000 employees and more than 1,700 employed physicians, Geisinger boosts its hometown economies in Pennsylvania by billions of dollars annually. Learn more at geisinger.org or connect with us on Facebook, Instagram, LinkedIn and Twitter.
Our Commitment to Diversity, Equity and InclusionGeisinger values who you are, where you are from, and where you are going. We seek out people of various backgrounds and cultures with unique abilities, non-traditional career paths and ambitious aspirations. We are an Affirmative Action, Equal Opportunity Employer. Women and Minorities are encouraged to apply. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of disability or their protected veteran status. Read more about Our Commitment to Inclusive Recruiting.
Our Vision & ValuesEverything we do is about making better health easier for our patients, our members, our students, our Geisinger family and our communities.
KINDNESS: We strive to treat everyone as we would hope to be treated ourselves.
EXCELLENCE: We treasure colleagues who humbly strive for excellence.
LEARNING: We share our knowledge with the best and brightest to better prepare the caregivers for tomorrow.
INNOVATION: We constantly seek new and better ways to care for our patients, our members, our community, and the nation.
SAFETY: We provide a safe environment for our patients and members and the Geisinger family.
Our BenefitsWe offer healthcare benefits for full time and part time positions from day one, including vision, dental and prescription coverage.