Cybersecurity Expert
Pretoria, Gauteng
Posted more than 30 days ago
- Company:
- Health Information Systems Program
- Company Description:
- We provide a wide range of digital health solutions including clinical decision support, laboratory systems, mobile health and data management. Our comprehensive suite of healthcare IT solutions improves many lives, with a focus on digital transformation.
- Contract Type:
- Full Time
- Experience Required:
- 5 to 10 years
- Education Level:
- Bachelor
- Gender:
- Any
- Number of vacancies:
- 1
Job Description
•Ensure health information systems, including the HMIS, are fully compliant with all relevant cybersecurity and privacy standards
•Develop, implement, and maintain comprehensive security documentation, including policies, procedures, and incident response plans
•Perform routine vulnerability scanning, penetration testing, and security assessments to identify and address potential security risks across the system infrastructure
•Implement and monitor robust security controls to mitigate external cyber threats and attacks, such as firewalls, intrusion detection/prevention systems, and access management controls
•Investigate, document, and coordinate the remediation of security incidents, including data breaches, unauthorised access attempts, and other malicious activities
•Manage the user permission structure and maintain an active list of authorized HMIS users, ensuring the timely removal of inactive user accounts
•Provide security awareness training and guidance to the team to promote a culture of cybersecurity best practices
•Collaborate closely with systems administrators, developers, and other cross-functional teams to ensure the overall security posture of the healthcare information system infrastructure
•Stay up-to-date with the latest cybersecurity threats, trends, and solutions, and recommend strategic improvements to enhance the organization's security capabilities
Job Requirements:
•7+ years of experience as a Cybersecurity Specialist, Information Security Analyst, or similar role in the healthcare industry
•Extensive knowledge of healthcare-specific security and privacy regulations, such as HIPAA, and experience in ensuring compliance
•Proficient in implementing and managing various security controls, including firewalls, intrusion detection/prevention systems, and access management solutions
•Hands-on experience in performing comprehensive vulnerability assessments, penetration testing, and incident response and remediation
•Exceptional documentation and communication skills to convey security-related information to both technical and non-technical stakeholders
•Strong problem-solving and analytical abilities to identify and mitigate complex security risks
•Familiarity with healthcare information systems, such as HMIS and electronic health records (EHRs)
•Relevant cybersecurity certifications (e.g., CISSP, CISM, CISA) are highly desirable
•Bachelor's degree or National Diploma in Cybersecurity, Computer Science, or a related field; advanced degree preferred