Info Security Analyst III, Patch Management at Hackensack University Medical Center in Edison, NJ
Overview How have YOU impacted someone's life today? At Hackensack Meridian Health our teams are focused on changing the lives of our patients by providing the highest level of care each and every day. From our hospitals, rehab centers and occupational health teams to our long-term care centers and at-home care capabilities, our complete spectrum of services will allow you to apply your skills in multiple settings while building your career, all within New Jersey's premier healthcare system. The Patch Management (PM) Program's objective is to reduce Hackensack Meridian Health's (HMH) risk profile through the identification, acquisition, testing, deployment, and verification of patches and updates in a consistent and repeatable manner across systems (Host, Application, Database, etc.). The Information Security Analyst III, Patch Management is responsible for handling the day-to-day operations of the Patch Management service. This includes reviewing scheduled patch deployments, reviewing and prioritizing recently released patches, coordinating patch testing efforts with system owners, configuring and monitoring automated deployments, and generating and distributing reports. Works closely with the Patch Management tool and coordinates with the Patch Management Manager, Info Security Analyst IV, Patch Management, Operations, Applications, and Infrastructure teams. This individual reports directly to the Patch Management Manager. Responsibilities A day in the life of a Info Security Analyst III, Patch Management at Hackensack Meridian Health includes:
Serves as the initial point of contact and troubleshooting resource for issues/errors resulting from patching. Performs initial investigation and triaging of tickets assigned to the Patch Management team. Escalates tickets to Info Security Analyst IV, Patch Management and/or Patch Management Manager as needed. Performs necessary rollbacks, investigations, and troubleshooting when patch deployments fail or return errors. Tracks and reports patch success and program KPIs. Develops and generates patch compliance reports for distribution to system owners and leadership. Creates, modifies, and maintains policy, process, procedure, standards, and training documentation relevant to supporting the various technologies used by the Patch Management team. Develops checklists, guides, best practices, and procedures to support the patch management process. Identifies and coordinates manual patch deployments with system owners. Assists in ad hoc and scheduled patch deployments. Coordinates patch exception processes with Information Security and system owners. Stays informed regarding advances in patch management technologies, configuration, and administration. Assists in managing the Patch Management tool configuration and automation enhancements, including but limited to identifying and onboarding new systems and their respective patch handling requirements and schedules; and verifying system attributes and maintenance of up-to-date system inventory. Supports ongoing Patch Management optimization efforts and projects (e.g., patch scope expansion, system patching expansion, enhanced automation, etc.). Assists in planning, design, implementation, testing, and operation of patch management tools, processes, and systems. Supports coordination of regular and emergency patch processes with Vulnerability Management, systems owners, and Change Management. Other duties and/or projects as assigned. Adheres to HMH Organizational competencies and standards of behavior. Qualifications Education, Knowledge, Skills and Abilities Required:
Bachelor's degree in business information systems, information security, cybersecurity, etc., or related degree.Work experience may be substituted. Minimum of 7 years of general IT experience with at least 5 years' of that experience in IT security. Technical experience with networks, operating systems (i.e., Windows, Linux), applications, etc. Experience writing PowerShell, SQL queries, Python, and other relevant scripting languages / technologies. Knowledge of one or more Information Security frameworks (HIPAA, NIST, PCI, etc.) and industry better practices. Understanding of industry standards regarding patch and vulnerability management (i.e., Patch Criticality Ratings, Patch Tuesday, Common Vulnerability Scoring System (CVSS), Common Vulnerability and Exposures (CVE)). Familiarity with Information Security governance, risk, and compliance better practices and tools. Experience delivering formal presentations. Excellent verbal and written communication skills. Education, Knowledge, Skills and Abilities Preferred:
Preferred 2 years of experience in Patch Management. Understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, and PCI. Strong knowledge of healthcare environments. Experience and knowledge of one of the following (or comparable) Patch Management / Configuration Management tools:
Ivanti Patch Management solutions (i.e., Patch for Endpoint Manager, Patch for SCCM, Patch for Linux, UNIX, Mac, etc.), WSUS, SCCM, and/or Legacy solutions (e.g., Shavlik, LANDesk, etc.). Experience in one or more of the following:
successful implementation of business relevant measures of Information Security effectiveness; and/or involvement in security and/or IT operations work. Experience with IT ticketing solutions (e.g., FootPrints, ServiceNow, etc.). Licenses and Certifications Preferred:
Vendor certifications in Patch Management products. Our Network Hackensack Meridian Health (HMH) is a Mandatory COVID-19 and Influenza Vaccination Facility As a courtesy to assist you in your job search, we would like to send your resume to other areas of our Hackensack Meridian Health network who may have current openings that fit your skills and experience.
Salary Range:
$100K -- $150K
Minimum Qualification
IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
Serves as the initial point of contact and troubleshooting resource for issues/errors resulting from patching. Performs initial investigation and triaging of tickets assigned to the Patch Management team. Escalates tickets to Info Security Analyst IV, Patch Management and/or Patch Management Manager as needed. Performs necessary rollbacks, investigations, and troubleshooting when patch deployments fail or return errors. Tracks and reports patch success and program KPIs. Develops and generates patch compliance reports for distribution to system owners and leadership. Creates, modifies, and maintains policy, process, procedure, standards, and training documentation relevant to supporting the various technologies used by the Patch Management team. Develops checklists, guides, best practices, and procedures to support the patch management process. Identifies and coordinates manual patch deployments with system owners. Assists in ad hoc and scheduled patch deployments. Coordinates patch exception processes with Information Security and system owners. Stays informed regarding advances in patch management technologies, configuration, and administration. Assists in managing the Patch Management tool configuration and automation enhancements, including but limited to identifying and onboarding new systems and their respective patch handling requirements and schedules; and verifying system attributes and maintenance of up-to-date system inventory. Supports ongoing Patch Management optimization efforts and projects (e.g., patch scope expansion, system patching expansion, enhanced automation, etc.). Assists in planning, design, implementation, testing, and operation of patch management tools, processes, and systems. Supports coordination of regular and emergency patch processes with Vulnerability Management, systems owners, and Change Management. Other duties and/or projects as assigned. Adheres to HMH Organizational competencies and standards of behavior. Qualifications Education, Knowledge, Skills and Abilities Required:
Bachelor's degree in business information systems, information security, cybersecurity, etc., or related degree.Work experience may be substituted. Minimum of 7 years of general IT experience with at least 5 years' of that experience in IT security. Technical experience with networks, operating systems (i.e., Windows, Linux), applications, etc. Experience writing PowerShell, SQL queries, Python, and other relevant scripting languages / technologies. Knowledge of one or more Information Security frameworks (HIPAA, NIST, PCI, etc.) and industry better practices. Understanding of industry standards regarding patch and vulnerability management (i.e., Patch Criticality Ratings, Patch Tuesday, Common Vulnerability Scoring System (CVSS), Common Vulnerability and Exposures (CVE)). Familiarity with Information Security governance, risk, and compliance better practices and tools. Experience delivering formal presentations. Excellent verbal and written communication skills. Education, Knowledge, Skills and Abilities Preferred:
Preferred 2 years of experience in Patch Management. Understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, and PCI. Strong knowledge of healthcare environments. Experience and knowledge of one of the following (or comparable) Patch Management / Configuration Management tools:
Ivanti Patch Management solutions (i.e., Patch for Endpoint Manager, Patch for SCCM, Patch for Linux, UNIX, Mac, etc.), WSUS, SCCM, and/or Legacy solutions (e.g., Shavlik, LANDesk, etc.). Experience in one or more of the following:
successful implementation of business relevant measures of Information Security effectiveness; and/or involvement in security and/or IT operations work. Experience with IT ticketing solutions (e.g., FootPrints, ServiceNow, etc.). Licenses and Certifications Preferred:
Vendor certifications in Patch Management products. Our Network Hackensack Meridian Health (HMH) is a Mandatory COVID-19 and Influenza Vaccination Facility As a courtesy to assist you in your job search, we would like to send your resume to other areas of our Hackensack Meridian Health network who may have current openings that fit your skills and experience.
Salary Range:
$100K -- $150K
Minimum Qualification
IT SecurityEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
