At Children’s Wisconsin, we believe kids deserve the best.
Children’s Wisconsin is a nationally recognized health system dedicated solely to the health and well-being of children. We provide primary care, specialty care, urgent care, emergency care, community health services, foster and adoption services, child and family counseling, child advocacy services and family resource centers. Our reputation draws patients and families from around the country.
We offer a wide variety of rewarding career opportunities and are seeking individuals dedicated to helping us achieve our vision of the healthiest kids in the country. If you want to work for an organization that makes a difference for children and families, and encourages you to be at your best every day, please apply today.
Please follow this link for a closer look at what it’s like to work at Children’s Wisconsin: https://www.instagram.com/lifeatcw/
Children’s Wisconsin is seeking a Senior Information Security Analyst- Epic to join our team!

MINIMUM KNOWLEDGE, SKILLS AND ABILITIES REQUIRED:

• Requires bachelor’s degree in computer science or related technology field. Master’s degree preferred.
• Requires 7 years of relevant computer systems experience, preferably in a hospital or healthcare setting. Significant experience in IS security administration including compliance, audit, and information security management.
• Epic certification is a requirement.
• Professional certification (e.g. CISA, CISM or CISSP) preferred.
• Thorough understanding of risk analysis, disaster recovery and audit tracking.
• Familiarity with current common paradigms for violating system integrity.
• Must have excellent interpersonal skills to effectively communicate with all levels of hospital personnel, vendors and IS personnel.
• Must possess the ability to deliver clear, concise communications and presentations. Must be able to train others on key IS security concepts.
  Children’s Wisconsin is an equal opportunity / affirmative action employer. We are committed to creating a diverse and inclusive environment for all employees. We treat everyone with dignity, respect, and fairness. We do not discriminate against any person on the basis of race, color, religion, sex, gender, gender identity and/or expression, sexual orientation, national origin, age, disability, veteran status, or any other status or condition protected by the law.

WHAT YOU WILL DO:

The IS Security Analyst will perform all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Ensures that user community understands and adheres to necessary procedures to maintain security. Must be able to weigh business needs against security concerns and articulate issues to management. Primary EPIC security lead on Enterprise Information Security team responsible for management of Epic user records (EMP users, including background users) which includes the life cycle management of the records (creation, modification, inactivation) and auditing as appropriate. Collaborates with app analysts teams who manage the templates and sub templates. Participates in the development of workflows, system configuration, change documentation, optimization and support related to Epic security, while working with application teams to deploy functionality changes, new modules or departments, update security classes, modify provider records, conduct user analysis, and implement security enhancements. Leads and assists in the development of department and organization wide policies and procedures, while effectively communicating policies and procedures impacting Identity and Access management to end users, leadership, and peers to ensure compliant practices. Provides guidance on optimizing security build based on appropriate minimum necessary standards. Responsible for the on-going maintenance, testing, support and optimization of Epic user security and provider management, with focus on role based access. Epic certification is a requirement. Excellent organizational skills and ability to manage work load while assigned to multiple simultaneous projects with minimal supervision. Thorough understanding of user account administration in a network environment. Thorough understanding of security auditing principles. Familiarity with current common paradigms for violating system integrity. Top-tier security performance tuning skills and trouble-shooting required.
Works closely with all levels of the organization to ensure that security is consistent with organizational security standards, information access requirements and business strategies. Coordinates with IS entities regarding technical considerations (user rights/privileges, system access) to ensure proper implementation and provides on-going support for all security operations. Works collaboratively with Internal Audit, Corporate Compliance, Human Resources and other departments on security related issues and projects. Works with cross-functional teams to perform reviews and tests of IS internal controls to ensure existing systems are operating as designed and contain adequate controls. Monitors and analyzes technology security and recommends appropriate IS policies, procedures and practices to strengthen security operations. Provides consultation regarding audit, regulatory and security management activities across IS functional areas. Coordinates the IS component of both internal and external audits, federal and state examinations.

ESSENTIAL FUNCTIONS:

• Demonstrates behaviors outlined in the Core Competencies the Blue Kids Way to provide service excellence as a committed partner to children, families and co-workers.
• Recommends and maintains policies and procedures related to information security. Monitors the organization’s overall security fabric.
• Assesses security needs and capabilities of the organization. Makes regular reports to management concerning security measures. Makes recommendations for improvement as required.
• Identifies and provides information security awareness training as appropriate. Identifies appropriate courses to enhance security capabilities and competencies of the organization.
• Works with management to perform and maintain risk assessments. Ensures organization compliance with the security sections of Federal and State statutes, including HIPAA, as well as regulatory requirements. Coordinates investigations into potential security infractions.
• Determines and designs appropriate tests for all aspects of information security. Activities may include attempted “cracking” of system security, review of audit trails and attempted theft of devices. Evaluates system effectiveness and makes change recommendations as necessary.
• Coordinates periodic reviews of system security by outside consultants, including vulnerability assessments, penetration tests, HIPAA reviews and PCI compliance. Works with IS teams to implement recommendations as appropriate.
• Monitors, evaluates and makes recommendations regarding perimeter security including prevention against attack, viruses, and other forms of malicious software. Monitors, evaluates and makes recommendations regarding email and Internet content filtering. Evaluates and makes recommendations regarding requested changes to perimeter security.
• Recommends policies and procedures for controlling remote access by employees, non-employees and vendors.
• Reviews and makes recommendations regarding security oriented software applications and workstation security, including patch management, user rights management, and operating system configuration.
• Keeps current on security issues through seminars, publications and self-education on an on-going basis.