Mount Sinai Careers
Information Security Specialist III - Data Security
Strength Through Diversity
Ground breaking science. Advancing medicine. Healing made personal.
- Support the Associate Director and the CISO and senior IT infrastructure leadership with security control sound and best practices through their design, development and coordination of security related projects
- Provide technical support and consultation on the installation, configuration, upgrading, troubleshooting and repairing applicable software, hardware and peripheral devices, providing accurate reports with recommendations for improvements
- Communicate with internal and external clients regularly to clearly communicate technical concepts, procedures to non-technical users
- Define and communicate project milestones, or scope of work, and resource allocation
- Will have dotted lines to the Senior Leadership
- Responsible for security reviews of application technology architecture.
- Provides state-of-the-art technical expertise and support to clients, IT management and staff in risk assessment and the implementation of appropriate data security procedures and products.
- Reviews the design, development, testing and implementation of appropriate IT security plans, products, firewalls and other access control techniques.
- Participates in the establishment and implementation of the firm’s information security policy.
- Reviews the development, testing and implementation of appropriate security plans, products and control techniques.
- Evaluates effectiveness of training courses and sources of training.
- Identifies emerging vulnerabilities, evaluates associated risks and threats and provides countermeasures where necessary.
- Manages the reporting, investigation and resolution of data security incidents.
- Maintains contact with industry security standard setting groups, and an awareness of State and Federal legislation and regulations pertaining to data privacy and information security.
- Proposes changes in firm-wide security policy when necessary.
- Directs the Information Security staff in the evaluation of risks and threats, development, implementation, communication, operation, monitoring and maintenance of the IT security policies and procedures which promote a secure and uninterrupted operation of all IT systems.
- Develops communications and related campaigns for information security awareness among all staff.
- Prepares activity and progress reports.
- Responsible for the development and implementation of security standards, procedures and guidelines to prevent the unauthorized use, release, modification, or destruction of data across multiple platforms and environments (e.g., firm-wide, distributed, client server systems, and e- applications).
- Performs related duties as assigned or requested
Experience: Seven years experience in security aspects of multiple platforms, operating systems, software, communications and network protocols, or an equivalent combination of education and work experience.