Information Security Analyst

at Aspen Valley Hospital
Location Aspen, CO
Date Posted August 10, 2018
Category Information Technology
Job Type Full-time


Plans and carries out security measures to protect organization’s IT assets. Must stay up-to-date on IT security and on the latest methods attackers are using to infiltrate computer systems. Research new security technology to assist with decisions on how to most effectively protect the organization.

Monitors organization’s networks for security breaches and investigates, with IT Director, a violation when one occurs.

Audits security software to ensure it is installed, properly used, and protecting sensitive information. Ensure database is up-to-date of all information assets.

Prepares reports that document security incidents and the extend of the damage caused.

Conducts audits, including penetration testing, to look for vulnerabilities in systems before they can be exploited.

Researches the latest IT security trends.

Works with IT Director to develop security standards and best practices for organization.

Recommends security enhancements to senior IT staff.

Oversees AVH third party security risk management program, including audits and ongoing education to third parties with access to AVH network.

Participates heavily in organization’s disaster recovery plan to allow for continued operations in the event of a disaster. Plan includes preventative measures, such as backups, and plans to restore proper IT functions after a disaster. Responsible for continually testing the steps in the organizations disaster recovery plan.

Responsible for adhering to the establish Service Standards and processes of the IT Department.

Maintain application training and certification, as assigned by the IT Director. Remain abreast of trends and developments in the field of clinical informatics and associated software.

Demonstrates purposeful service excellence through exceeding patient and coworker expectations.

Represents the department/hospital as a dedicated, courteous, and responsive employee

Records pertinent documentation in accordance with regulatory requirements, professional standards and hospital policy.

Adheres to federal, state and hospital rules and regulations concerning HIPAA privacy and security.

Follows Hospital compliance plan and policies, including the Code of Conduct.

Participates in required training for compliance related activities (HIPAA, Compliance, Patient Safety, TJC, etc.)

Actively participates in IT departmental meetings.

Performs other duties as assigned or as necessity dictates.

Demonstrates responsibility and accountability for own professional decision making and professional growth.

Participates and contributes to departmental meetings and activities.


Analytical skills – Must carefully study computer systems and networks and assess risks to determine how security policies/protocols can be improved. 

Detail oriented – Must pay careful attention to computer systems and watch for minor changes in performance, as cyberattacks can be difficult to detect. 

Ingenuity – Must anticipate security risks and implement new ways to protect IT environment. 

Problem-solving skills – Must respond to security alerts and uncover and fix flaws in computer systems and networks.

Educational Requirements

Bachelor’s degree in computer science, information assurance, programming, or a related field. 

Experience Requirements

5 years’ successful experience as network or computer systems administrator. 
ICS Level 1 
CISSP (or achieve within 1 year of hire) 
Security+ (or achieve within 2 years of hire) 
Drop files here browse files ...