- Job no: 65644
- Category: Administration, Administration & Office Support
Alfred Health is a leader in health care delivery, improvement, research and education. We are the main provider of health services to people living in the inner southeast suburbs of Melbourne, from ambulatory to inpatient and home and community-based services.
- Permanent Full time
- 80 hours per fortnight including ADO
- Grade HS5
- Alfred Health
Digital Health is responsible for enabling clinical staff to deliver timely, quality care to our patients and carers through innovative use of information technologies, and through strategic management of information and data across the organisation.
The Senior Cyber Security Engineer is a critical role, responsible for protecting Alfred Health’s information systems and networks from cyber threats and vulnerabilities and supporting the successful implementation of Alfred Health Cyber Security Strategy and Action plan. The Senior Cyber Security Engineer will be expected to support the development, maintenance and execution of Alfred Health’s Digital Health Cybersecurity strategy and action plan to centralise and automate the security operations technology and process, management of permanent and contingent staff, contractors, partners, 3rd party and patient electronic identities and access to Alfred Health’s systems and data.
This role will be responsible in implementing and maintaining security measures to ensure the confidentiality, integrity, and availability of digital assets.
Key responsibilities include managing security tools and technologies, participating in incident response activities, monitoring and analysing security logs, collaborating with IT teams on secure configurations, conducting regular security audits and staying current on industry trends. Successful candidate should have a strong background in information security, familiarity with security frameworks and standards, experience with various security tools, and excellent problem-solving and communication skills. The role will also include ensuring adequate controls are designed and implemented to ensure that Cyber Security risks are minimised to an acceptable level.
The Senior Cyber Security Engineer performs a wide range of duties in the development and implementation of Cyber Security technologies:
- Implement and manage technologies to automatically and proactively monitor and alert of cyber incidents, non-compliance or deviation from Alfred Health policies and standards, unauthorised changes to Alfred Health systems and automate the reporting, alerting, remediation and response processes.
- Implement, manage and leverage infrastructure automation and monitoring tools to ensure security controls are implemented and operating effectively, and perform ongoing configuration and compliance checks against Alfred Health policies and standards.
- Support Alfred Health identity solutions, including Single Sign-On (SSO), Privileged Access Management (PAM) and Identity Governance and Administration (IGA).
- Support Identity Governance and Administration (IGA) products, standards and processes across all Alfred Health systems, to streamline and automate the end-to-end lifecycle of staff, contractors and other 3rd party access to Alfred Health systems, including IT, IoT, IoM, Pharmacy, Radiology, BioMedical and Engineering technologies and systems.
- Ensure appropriate governance processes are implemented to ensure all security tools are maintained to vendor supported version, optimised and align with vendors and industry best practices, and have appropriate levels of internal and external support.
- Communicate changes and risks to relevant stakeholders, including senior management, IT staff, and business units.
- Ensure compliance with relevant regulations, policies, standards, and guidelines.
- Participate in incident response and investigations as needed, providing expertise on the impact of changes to cyber security systems and policies.
- The ability to quickly build and maintain positive relationships with team members and stakeholders.
- Understanding of hospital operational management.
- Experience implementing automation technologies, to automating the prevention, detection and response to security incidents, ongoing configuration compliance assessments.
- Experience using IT Automation tools, such as Ansible, Puppet and Terraform to automate infrastructure, network and application provisioning, security automation and configuration and compliance management.
- In-depth understanding of security tools, techniques and process for preventing, detecting and responding to security incidents.
- In-depth experience implementing and administering security technologies, including email filtering, IDS/IPS, SIEM, firewalls, server and endpoint protection, vulnerability scanning and remediation.
- In-depth knowledge of networking principles and protocols, including implementing Network Access Controls (NAC) and network segmentation.
Knowledge of NIST, ASD Essential 8, ISO 27000, and other recognized security frameworks
This is an opportunity to work with an amazing team in a growth area within health and to have a real impact on patient care and outcomes. Additional benefits include:
- Salary Packaging
- Discount Health Insurance
- Car Parking (subject to availability)
- Onsite Gym
- Child care services
All enquiries to Mark Burns [email protected]
Applications Close: 11pm AEST, Tuesday 26th September 2023
Alfred Health is an equal opportunity employer and is committed to attracting and retaining a diverse workforce that reflects the community we serve. Applications from Aboriginal and Torres Strait Islanders are encouraged.
In accordance with the Health Minister's Covid-19 Mandatory Vaccination Order, all Alfred Health employees are required to be fully vaccinated (3 doses) for COVID-19 or hold an acceptable medical exemption. Furthermore, in accordance with the Health Services Amendment (Mandatory Vaccination of Healthcare Workers) Act 2020, health care workers in Category A or B roles (as determined by the department’s risk ratings) are required to be vaccinated against influenza or hold an acceptable medical exemption.