Share this Job

Information Security Analyst I

Apply now

Apply for Job

Date: Apr 15, 2021

Location: West Columbia, SC, US, 29169

Company: Lexington Medical Center

IT Services 
Full Time 
Day Shift 

Rated as one of the Top 25 Best Hospitals to Work for in the U.S., the heart of LMC is our 557-bed modern state-of-the-art facility. Winning the prestigious, "Summit Award" from Press Ganey for outstanding patient satisfaction, "Consumer Choice Award" from the National Research Corporation, all contributing to our reputation for giving our patients the highest quality care.  Lexington Medical Center was voted one of South Carolina’s “Best Places to Work” for 2019!

We are located in heart of the Midlands, right outside of Columbia, SC, and one of the most successful integrated healthcare systems in the Southeast. As the third largest employer in the Midlands, we invite you to be a part of our ongoing success and join our LMC Family.

Job Summary

Under the general direction of the Director Information Systems Security,  the IS Security Analyst position exists to support the Information Services team in implementing and overseeing an effective and consistent Security/Privacy Program. This position provides analysis work in the technical services security infrastructure of a large and complex local area network (LAN) and remote connections. The person(s) holding this position are responsible for facilitating the information security program at LMC which seeks to protect the confidentiality, availability, and integrity of the organizations assets and customer data. This position will work collaboratively with application and system administrators, IT management, Risk / Legal, and Compliance/Auditing.

Minimum Qualifications

Minimum Education: High School Diploma or Equivalent
Minimum Years of Experience: 8 Years of direct experience in information security and compliance in a healthcare setting (6 years of experience in information security within a complex healthcare setting)
Substitutable Education & Experience:
Associates Degree in IT or Health related field of study with 6 years of information security and compliance experience;
Bachelor’s degree in an IT or Health related field of study with 6 years of experience in information security and compliance.
Required Certifications/Licensure: Must be willing to obtain certification in EHR training specific to Lexington Medical Center.
Required Training: In-depth knowledge of security requirements (federal, state, and local legislation and regulations and accreditation standards);
In-depth knowledge of technical security controls (i.e. data encryption, digital forensics, secure communications, etc.).

Essential Functions

  • Perform duties as a system security analyst for the information technology security infrastructure (Physical, Administrative, and Technical) to safeguard company assets, protected and regulated data, intellectual property, and computer systems. Information protection responsibilities include, but are not exclusive to: network security architecture, network/system access, controls and monitoring policies, employee education and awareness, and audits and reporting.
  • Responsible for the organizational security policy, standards, guidelines and procedures in accordance with regulatory controls (e.g. HIPAA, HITECH, FERPA, PCI, etc.) to ensure ongoing maintenance of security. Develops, manages, implements, enforces, leads, and maintains oversight of the security build and support teams for EHR.
  • Conducts operational risk management activities by conducting risk and vulnerability assessments, business impact analysis, security audits, and defining security requirements for the overall security posture of interconnected and standalone systems.
  • Identify, classify and protect system resources from unauthorized access and develop / maintain a means to control access to these resources.
  • Assist in the identification of protection goals, objectives and metrics consistent with corporate strategic plan and regulatory requirements.
  • Coordination of incident response including, but not limited to planning response activities, detecting security violations, coordinating containment and/or eradication measures, and coordination of post incident review and corrective actions. Review information technology contracts and research proposals for HIPAA compliance and compatibility with information technology infrastructure and facilitate security controls as applicable.  Ensure information security controls are consistent with business strategies and privacy requirements.
  • Work contractual and other IT related activities with vendors, outside consultants, business associates and other third parties to improve information security practices.
  • Coordinate security survey’s for regulatory activities and participates in accreditation surveys/audits with external survey bodies.
  • Maintain current knowledge of Federal and state privacy and security laws and regulations (i.e. HIPAA, FERPA, PCI), as well as industry best practices (i.e. NIST, ISO)
  • Capable of serving as a security resource to all levels of workforce and customer base including: executive management departmental employees, patients and students, and external bodies such as state agencies..

Duties & Responsibilities

  • Acts in an advisory role to the Director of Information Systems Security to set security direction and enforcement.
  • Develops access control procedures to support role base provisioning and HIPAA audit requirements.
  • Coordinates deployment of access control and user provisioning procedures.
  • Monitors process throughout system lifespan to facilitate end user training and compliance.
  • Leads and directs the work activities of others.
  • Accountable for work activities of other security project team, allocating internal and external resources to accomplish goals.
  • Monitors projects and task schedules to ensure adherence to timelines.
  • Contributes to staff evaluations and input into selection of new team members.
  • Provide leadership, motivation and direction to staff, building teamwork and fostering team cohesion.
  • Utilize technical expertise to strengthen the knowledge and skills of related team members.
  • Performs all other duties as assigned

We are committed to offering quality, cost-effective benefits choices for our employees and their families:

  • Day ONE medical, dental and life insurance benefits 
  • Health care and dependent care flexible spending accounts (FSAs)
  • Employees are eligible for enrollment into the 403(b) match plan day one.  LHI matches dollar for dollar up to 6%.
  • Employer paid life insurance – equal to 1x salary
  • Employee may elect supplemental life insurance with low cost premiums up to 3x salary 
  • Adoption assistance
  • LHI provides its full-time employees employer paid short-term disability and long-term disability coverage after 90 days of eligible employment
  • Tuition reimbursement
  • Student loan forgiveness

Equal Opportunity Employer
It is the policy of LMC to provide equal opportunity of employment for all individuals, and to remain compliant with applicable state and federal laws and regulations. LMC strives to provide a discrimination-free environment, and to recruit, select, on-board, and employ all employees without regard to race, color, religion, sex, age, disability, national origin, veteran status, or pregnancy, childbirth, or related medical conditions, including but not limited to, lactation. LMC endeavors to upgrade and promote employees from within the hospital where possible and consistent with the employee’s desires and abilities and the hospital’s needs.

Nearest Major Market: Columbia
Nearest Secondary Market: South Carolina