IS Info Security Spec II - 21647

Philadelphia, PA, US, 19104

Job Type: 

Location: LOC_1300_MKT-Wanamaker Building 

Req ID: 86817

Shift: Days

Employment Status: Regular - Full Time 

Job Summary

  1. Demonstrates strong knowledge and proficiency in Information Security principles, regulations, standards, risk management methodologies, business continuity and change management, network security architecture and design, and solid understanding of network security issues, and project management principles.

  2. Demonstrates proficient data gathering techniques and the ability to troubleshoot information security issues and develop solutions.

  3. Demonstrates knowledge and proficiency in Firewall concepts and products (e.g., CheckPoint), Access Control, Authentication, Secure VPNs (Cisco).

  4. Demonstrates proficiency in data mining and querying techniques.

  5. Demonstrates knowledge of security architecture/engineering standards, including corporate firewalls technology, access control, authentication, virtual private networks.

  6. Has some experience in penetration testing techniques.

  7. Knowledge of industry standards for use of forensic tools and collection of evidence.

  8. Works with minimal supervision in support of team initiatives, and assists and educates Information Security Specialist I personnel.

Job Responsibilities

The responsibilities of an Information Security Specialist II encompass identical responsibilities as an Information Security Specialist I, but with a greater degree of complexity. An Information Security Specialist II also:

  1. Works with other InfoSec personnel and database team and the enterprise solution architects to define compliance risk-related requirements (HIPAA, PCI, HITECH, and Joint Commission) for existing infrastructure and future architectures. This could potentially include supporting the CISO with on-demand security related requests from clinical and corporate groups on an ad-hoc basis.
  2. Participates in the review, test, and integration of security tools.
  3. Develops information security training materials for CHOP end users and validates that CHOP personnel are aware of their responsibilities and accountability as outlined in the security policies.Performs hand-on technical work in support of daily Security Operations activities by performing vulnerability management assessments on a set frequency and reporting results to the Manager of Information Security via use of approved departmental solutions and toolkits.
  4. Performs eDiscovery activities with supervision by collecting evidence and maintaining chain of custody of records.
  5. Support business continuity and change management teams in related processes that include information security standards.
  6. Performs risk analysis and risk assessment activities to support regulatory requirements related to financial, healthcare industries or related accreditation requirements (e.g., HIPAA Security and Privacy Rules)
  7. Facilitates analysis of security issues with respect to interfaces, databases, and other related initiatives.
  8. Works with the Office of Internal Audit Services management and external Audit Management to direct and monitor the status of IS remediation plans that address audit or compliance issues.
  9. Develops of Corrective Action Plans (CAPs) for the remediation of control deficiencies around information security, access control and segregation of duties.

Job Responsibilities (Continued)

Job Responsibilities (Continued)

Required Licenses, Certifications, Registrations

Industry security certification required

Required Education and Experience

Required Education:  Bachelor’s degree in Computer Science, Information Systems, or related field.


Required Experience:


  • Three (3) years related work experience in information security, risk management
  • Two (2) years of experience with security engineering, security architecture concepts
  • One (1) year of performing security operational duties (vulnerability assessments) 

Preferred Education, Experience & Cert/Lic

Preferred Experience: eDiscovery experience

Additional Technical Requirements

  • Knowledge and understanding of user provisioning processes on various platforms, databases, systems, & applications (Active Directory, Oracle)
  • Knowledge of general and IT controls (e.g., access controls, risk management, change management) and related information security policies and procedures.
  • Understanding of healthcare regulatory standards (HIPAA Privacy & Security Rules and other relevant regulatory standards).
  • Understanding of OS specific security issues, including Windows and UNIX.  Epic environment experience a plus.
  • Strong understanding of enterprise risk management & IT governance concepts, principles & practices, (e.g., COBIT, NIST, ISO).          


Information Security Requirements


  1. Understand and comply with all enterprise and IS departmental information security policies, procedures and standards.
  2. Support the integration of information security in the development, design, and implementation of Hospital Technology Resources that process, transmit, or store CHOP information.
  3. Support all compliance activities related to state, federal regulatory requirements, healthcare accreditation standards, and all other applicable regulations that govern the use and disclosure of patient, financial, or other confidential information.

All CHOP employees who work in a patient building or who provide patient care are required to receive an annual influenza vaccine unless they are granted a medical or religious exemption.

Children's Hospital of Philadelphia is committed to providing a safe and healthy environment for its patients, family members, visitors and employees. In an effort to achieve this goal, employment at Children's Hospital of Philadelphia, other than for positions with regularly scheduled hours in New Jersey, is contingent upon an attestation that the job applicant does not use tobacco products.

Children's Hospital of Philadelphia is an equal opportunity employer. We do not discriminate on the basis of race, color, gender, gender identity, sexual orientation, age, religion, national or ethnic origin, disability or protected veteran status.

VEVRAA Federal Contractor/Seeking priority referrals for protected veterans.  Please contact our hiring official with any referrals or questions.

CHOP Careers Contact 

Talent Acquisition

2716 South Street, 6th Floor

Philadelphia, PA 19146 




Nearest Major Market: Philadelphia

Job Segment: Medical, EMR, Database, Oracle, Patient Care, Healthcare, Technology