Information Protection Lead
Company Name:
Kaiser Permanente
The process analyst is responsible for documenting and implementing the business process management (BPM) system for triage, incident resolution, and remediation. The analyst will work with operational business owners to understand required process flows, control points, notifications and measurements. The analyst will use this information to codify the process workflow into a business process management tool. The analyst will continue to maintain the process flows by updating them as circumstances dictate. The analyst will ensure audit readiness and represent the operational processes and workflow to auditors.
Essential Functions:
- Information Protection Policies & Standards: Develops, documents & implements Information Protection policies, standards, procedures & guidelines. Assists consultants w/ identification & documentation of standards for Information Protection products. Coordinates or assists in the coordination of KP-IT Information Protection efforts w/ the end-user community by periodically reviewing their use of KP-IT services, assessing the adequacy of their security measures & consulting on policies & procedures. Ensures that KP-IT security systems are in compliance w/KP-IT policies. Assists w/periodic security compliance reviews.
- Systems Changes: Supervises lower level resources in maintenance of user profiles & access controls. Ensures that change management complies w/Information Protection policies, standards & guidelines. Ensures implementation of system access controls based upon KP-IT Information Protection policies & standards. Works w/other KP-IT staff to assess security system modifications required due to other system changes.
- Systems Access: Directs Information Protection staff in the maintenance of the security database. Ensures that all requests for access to computerized systems & data have been appropriately completed according to service level agreements. Investigates & documents security incidents. Works w/KP-IT technical support to coordinate the system maintenance of the security database.
- Security Planning: Assesses the development, testing & implementation of appropriate Information Protection controls. Participates w/internal & external audit staff to assess the effectiveness of the KP-IT security program. Plans & implements recommended enhancements to the KP-IT security program. Maintains Information Protection functional model. Participates in divisional Security Committee sessions. Participates in the process of DR/BCP planning.
- Application Security: Ensures that Information Protection is made an integral part of the application development process by evaluating security standard controls in application designs. Ensures that data ownership agreements are created & that data is classified.
- Software Evaluation & Selection: Coordinates reviews of the security features of products being considered for purchase. Assists in testing of third party Information Protection products to verify that products meet KP security functionality needs. Prepares written evaluation of software for Consultant/Mrg.
- Training/Mentoring: Assists consultant in working w/other technical consultants (network engineers, system engineers, system administrators) in implementing & training of product functionality. Manages an ongoing Information Protection awareness program. Supervises & trains subordinate staff members. Develops & maintains training programs for data security & confidentiality. Assesses skill levels of individuals responsible for data security & confidentiality & determines when to allow them to assume responsibility for security & confidentiality.
- Communications: Communicates security incidents expeditiously, both internally & externally, according to guidelines. Interacts w/KP-IT clients & consultants in all levels of management. Prepares & delivers briefings on Information Protection technology & its value to the healthcare enterprise.
- This job description is not all encompassing.
Qualifications:
Basic
Qualifications:
Experience
- Minimum eight (8) years of experience.
Education
- Bachelor's degree required.
License, Certification, Registration
- N/A
Additional Requirements:
- N/A
Preferred
Qualifications:
- Master's degree preferred.
External hires must pass a background check/drug screen.
We are proud to be an equal opportunity/affirmative action employer.Estimated Salary: $20 to $28 per hour based on qualifications.
Kaiser Permanente
The process analyst is responsible for documenting and implementing the business process management (BPM) system for triage, incident resolution, and remediation. The analyst will work with operational business owners to understand required process flows, control points, notifications and measurements. The analyst will use this information to codify the process workflow into a business process management tool. The analyst will continue to maintain the process flows by updating them as circumstances dictate. The analyst will ensure audit readiness and represent the operational processes and workflow to auditors.
Essential Functions:
- Information Protection Policies & Standards: Develops, documents & implements Information Protection policies, standards, procedures & guidelines. Assists consultants w/ identification & documentation of standards for Information Protection products. Coordinates or assists in the coordination of KP-IT Information Protection efforts w/ the end-user community by periodically reviewing their use of KP-IT services, assessing the adequacy of their security measures & consulting on policies & procedures. Ensures that KP-IT security systems are in compliance w/KP-IT policies. Assists w/periodic security compliance reviews.
- Systems Changes: Supervises lower level resources in maintenance of user profiles & access controls. Ensures that change management complies w/Information Protection policies, standards & guidelines. Ensures implementation of system access controls based upon KP-IT Information Protection policies & standards. Works w/other KP-IT staff to assess security system modifications required due to other system changes.
- Systems Access: Directs Information Protection staff in the maintenance of the security database. Ensures that all requests for access to computerized systems & data have been appropriately completed according to service level agreements. Investigates & documents security incidents. Works w/KP-IT technical support to coordinate the system maintenance of the security database.
- Security Planning: Assesses the development, testing & implementation of appropriate Information Protection controls. Participates w/internal & external audit staff to assess the effectiveness of the KP-IT security program. Plans & implements recommended enhancements to the KP-IT security program. Maintains Information Protection functional model. Participates in divisional Security Committee sessions. Participates in the process of DR/BCP planning.
- Application Security: Ensures that Information Protection is made an integral part of the application development process by evaluating security standard controls in application designs. Ensures that data ownership agreements are created & that data is classified.
- Software Evaluation & Selection: Coordinates reviews of the security features of products being considered for purchase. Assists in testing of third party Information Protection products to verify that products meet KP security functionality needs. Prepares written evaluation of software for Consultant/Mrg.
- Training/Mentoring: Assists consultant in working w/other technical consultants (network engineers, system engineers, system administrators) in implementing & training of product functionality. Manages an ongoing Information Protection awareness program. Supervises & trains subordinate staff members. Develops & maintains training programs for data security & confidentiality. Assesses skill levels of individuals responsible for data security & confidentiality & determines when to allow them to assume responsibility for security & confidentiality.
- Communications: Communicates security incidents expeditiously, both internally & externally, according to guidelines. Interacts w/KP-IT clients & consultants in all levels of management. Prepares & delivers briefings on Information Protection technology & its value to the healthcare enterprise.
- This job description is not all encompassing.
Qualifications:
Basic
Qualifications:
Experience
- Minimum eight (8) years of experience.
Education
- Bachelor's degree required.
License, Certification, Registration
- N/A
Additional Requirements:
- N/A
Preferred
Qualifications:
- Master's degree preferred.
External hires must pass a background check/drug screen.
We are proud to be an equal opportunity/affirmative action employer.Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
