Penn State Health Shared Services Location: US:PA:Hershey Work Type: Full Time FTE: 1.0 Shift: Day Hours: Day **WE ARE OPEN TO BOTH INTERMEDIATE AND SENIOR LEVEL APPLICANTS** The Office of Cyber Security ensures cyber security risks to the confidentiality, integrity, and availability of Penn State Health (PSH) and College of Medicine (COM) information are identified, assessed, and maintained at acceptable levels. We are looking for people who are focused on delivery, prioritize data-driven decisions over opinions, are continuous learners, and are passionate about cyber security. JOB SUMMARY: The Cyber Requirements Planner (CRP) is responsible for ensuring operational excellence of cyber security requirements planning activities, including but not limited to: Working with customers to evaluate functional requirements and translating the functional requirements into technical solutions Managing the cyber security planning process to ensure that developed solutions meet business needs and cyber security requirements Applying and incorporating information technologies into proposed solutions. Applying cyber security and privacy principles to organizational requirements (relevant to confidentiality, integrity, authentication, and non-repudiation) Creating trending, metrics, and management reports Effectively collaborates and communicates with stake holders and Business units and others to identify, analyze and communicate risk and provide support around DLP management within their business requirements Understands compliance requirements that may impact security and effectively collaborate with business areas and project teams to develop security solutions that address these requirements Analyzes and responds to data loss incidents/alerts via enterprise console and other sources MINIMUM QUALIFICATIONS: Intermediate Level Requirements: Bachelor s degree in computer science, cybersecurity, information technology or in a related field and 4 years of experience OR 8 total years of experience and education. Senior Level Requirements: Bachelor s degree in computer science, cybersecurity, information technology or in a related field and 8 years of experience OR 12 total years of experience and education. PREFERRED QUALIFICATIONS: * Demonstrated experience in cyber security, privacy, and/or an information protection-related function * Strong knowledge of cyber security principles, standards, practices, and technologies * Proven experience with assessment of information and information systems based on NIST 800-53 standards and working with asset custodians on remediation plans or exception processes * Extensive technical knowledge of national security practices, procedures, standards, business continuity, disaster recover, auditing, risk management, vulnerability assessments, and regulatory compliance * Strong knowledge of computer networking concepts and protocols, and network security methodologies * Prior experience with Data Loss Prevention (DLP) (Symantec preferred) technology as well as remediation of findings * Knowledge of creating policies, rules and tuning of DLP tools is a plus * Prior experience working with Merger and Acquisitions to ensure secure integration and handling security assessments, analysis and reporting for executive leadership * Strong knowledge of working with industry and regulatory requirements (i.e., HIPAA, PCI, etc.) * Strong knowledge of controls related to the use, processing, storage, and transmission of data * Excellent analytical and problem-solving skills * Excellent oral and written communication skills * Proven strong background in cyber security and operational processes * Demonstrated strong organizational skills with attention to detail * Proven ability to achieve results in a fast moving, dynamic environment * Ability to develop strong working relationships * Ability to multi-task and meet deadlines * Excellent communication, problem-solving, and decision-making skills CERTIFICATIONS: Certified Information Systems Security Professional (CISSP) or equivalent This job description is a general outline of duties performed and is not to be misconstrued as encompassing all duties performed within the position. All individuals (including current employees) selected for a position will undergo a background check appropriate for the position's responsibilities. Penn State Health is an equal opportunity, affirmative action employer, and is committed to providing employment opportunities to all qualified applicants without regard to race, color, religion, age, sex, sexual orientation, gender identity or expression, national origin, disability or protected veteran status. If you are unable to use our online application process due to an impairment or disability, please call ************ between the hours of 8:30 AM and 4:30 PM, Eastern Standard Time, Monday Friday, email *********************************** or download our Accommodation Instructions for Job Applicants PDF for more detailed steps for assistance. IND123 #LI-ZW1 Associated topics: cybersecurity, forensic, identity access management, iam, leak, phish, security, security analyst, security officer, violation Associated topics: cybersecurity, identity access management, iam, leak, phish, protect, security analyst, security engineer, threat, violation
* The salary listed in the header is an estimate based on salary data for similar jobs in the same area. Salary or compensation data found in the job description is accurate.