Information Security Analyst, Identity Access Management

Position Summary 

This position supports the Medical Faculty Associates ("MFA") including, but not limited to assessing potential and actual risk to MFA data, business, and IT infrastructures that support its clinical, academic, research, and administrative functions. The position ensures collaborative outcomes with external vendors, affiliates, and partners with internal and external stakeholders to improve processes, mitigate risks, and remediate vulnerabilities related to IT governance, risk, and compliance.

Opportunities are available in the following areas of Information Security:

• Data and Users
• Device, Applications, and Network
• Remediation and Security Operations Center

Essential Duties and Responsibilities

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Other duties may be assigned.

• Conduct detailed security and third-party risk assessments to ensure projects and initiatives align with MFA compliance policies, standards, and procedures as well as HIPM, HITRUST, HITECH, and other government and medical agencies' regulations
• Recommend remediation strategies including risk-based prioritization of action items and identification of mitigating controls; as well as evaluate, develop, and recommend new information security assessment tools/techniques
• Develop HIPM-related training and awareness
• Collaborate with key stakeholders to identify, manage and, where appropriate, accept/ track risk
• Develop and implement security policies, standards and in line with HIPAA to ensure enterprise-wide risk mitigation
• Support and coordinate compliance-focused units and programs
• Contribute to and develop best practices, strategies, methodologies, and documentation/templates
• Experience in hybrid environments involving hybrid on-premises and public/private cloud as well as numerous vendor-specific Saas solutions
• Participate in 24x7 on-call rotation
• The omission of specific duties does not prevent the supervisor from assigning duties that are logically related to the position

Minimum Qualifications

Education

• A Bachelor's in Computer Science or an equivalent combination of training and experience

Experience

• A minimum of 3 years of experience in IT operations or IT security

Physical Requirements

• Walk, stand, and reach outward on a constant basis in an office setting.
• Must be able to occasionally lift, carry, push, or pull over 100 lbs. as part of the role.
• Regularly exposed to healthcare settings that may require personal protective equipment.
• Requires manual dexterity to operate a computer keyboard, calculator, copier machine, and other equipment.

About GW MFA

MFA physicians provide comprehensive patient care, offering one practice for the whole person with 52 medical and surgical specialties. As members of the GW School of Medicine and Health Sciences faculty, MFA providers are teachers and mentors for medical students, residents, fellows, and researchers preserving the rich tradition of academics, research, and healing. In addition to maintaining a closely integrated alliance with The George Washington University and The George Washington University Hospital (GWUH) which is separately owned and operated by Universal Health Services (UHS), the GW MFA has active referring relationships with 12 area hospitals.

The GW MFA’s leading healthcare presence in the DC metro region is complemented by a network of community-based practices in DC, Maryland, and Virginia. Given its geographic location in central NW Washington, DC, and proximity to more than 175 resident embassies, the MFA continues to evolve its international clinical outreach.