Data Security Analyst- Intermediate

Job Number 48351
Posted 7/10/2017
Account EMHS
Department IS Security
Location EMHS - Cianchette Building, Brewer, ME 04412
Schedule Regular Full-time
Shift Day
Hours 8-4:30
Job Details Job Summary:

The Data Security Analyst works directly with the Information Security Team to deliver and maintain Eastern Maine Healthcare Systems' (EMHS) Information Security Program that safeguards information and system assets against unauthorized use, disclosure or modification, and damage or loss. The administrative responsibilities include establishing and maintaining a security organization, developing a cost-effective and integrated security program that supports the accomplishment of EMHS' goals and priorities. The activity is critical for the integrity, accessibility and security of patient and organizational information belonging to EMHS and it's affiliates.

Responsibilities and Duties:

· Assists the Information Security Manager ISM in the review and testing to ensure compatibility of planned security measures with established computer security system software and the enterprise information system goals.

· Maintains application database security. This requires knowledge of a variety of systems and their interactions within the EMHS infrastructure.

· Reviews requests for changes in access, based on job duties for an application;

· Prepares testing scripts for the testing of vendor and local application updates;

· Provides guidance in the design and building of application security for users and systems in the EMHS regional infrastructure;

· Maintains the Change Control database for all application security changes and updates;

· Updates application security as needed to ensure the confidentiality, integrity and availability of information.

· Reviews IS security procedures and audit logs recorded by the systems and reports violations of policy to the ISM and user department managers for appropriate action.

· Assists in the preparation of IS security policies and procedures.

· Manages user access to EMHS systems:

· Through preparing, modifying and revoking privileges as requested by appropriate management authority.

· Through the selection of appropriate levels of privileges necessary for the completion of user assigned tasks

· Presents information security awareness training to users.

· Assists IS personnel to ensure the continuation of IS activities in the event of an emergency disruption at the main processing site.

· Monitors EMHS systems to protect against the intentional or inadvertent access or destruction of organizational or patient information.

· Assists the ISM in the performance of information site audits and works with the site custodian to provide for the security of information maintained at each location belonging to EMHS and its affiliates.

· Provides security assessments, risk analysis and support to the ISM, as part of the procurement and implementation of new or updated information systems.

· Provides the EMHS Information Security program with application database knowledge necessary to carry out its mission.

· Applies knowledge of regulatory requirements in the accomplishment of all tasks; to include HIPAA, Stark & PCI regulations.

Education Requirements:
  • A high school diploma combined with a minimum of two years experience in information technology, preferably in a healthcare environment and a nationally accepted certification in information security such as is issued by the International Information Systems Security Certification Consortium (ISC)2, Global Information Assurance Certification (GIAC) or Information Systems Audit and Control Association (ISACA).


  • An Associate Degree in a major that is related to healthcare information security such as information technology or accounting, finance or business combined with a minimum of two years experience in information technology, preferably in a healthcare environment.

  • Language: The ability to read and interpret technical journals, system documentation and training materials. The ability to respond to inquiries or complaints from customers. The ability to compose presentations, articles, policies and procedures and operating instructions for publication that conform to prescribed style and format. The ability to present information, ideas and concepts to both employees and vendors.
  • Reasoning Ability: The ability to apply innovative, logical or scientific thinking to a wide range of intellectual and practical problems. The ability to interpret technical instructions and non-verbal symbols and deal with a variety of abstract and concrete variables.
  • Mathematical Skills: The ability to apply basic mathematics and concepts such as fractions, percentages, ratios and proportions to practical situations.

Equal Opportunity Employment
We are an equal opportunity, affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, age, disability status, gender, sexual orientation, ancestry, protected veteran status, national origin, genetic information or any other legally protected status.