Montefiore Information Technology (MIT) is looking for an Information Security Engineer who will participate in the implementation and support of a new ERP suite including the Finance, Supply Chain, HR and Asset Management functions on a single ERP system across all business partners. This strategic position will be part of a strong team that will play a pivotal role in the health system's ERP technology transformation program and evolve to a shared services model across Montefiore Medicine.
The ideal candidate must possess a strong understanding of enterprise security concepts and role-based access controls (RBAC) and will work with the business process owners, business analysts, IT security and compliance teams on security requirements for the ERP suite. This Security role has responsibilities within each phase of the ERP Transformation project life cycle including user meetings, requirements gathering, development, testing, implementation, and go-live.
The Information Security Engineer provides outstanding client service and contributes to the organization's mission of utilizing information technology to improve patient care.
Role and Responsibilities
* User and security role creation and maintenance in ERP suite.
* Identify and manage the different types of roles, including aggregate privileges and data, abstract, job, and duty roles.
* Adhere to auditable segregation-of-duty guidelines.
* Analyze user's needs to provide best practice role-based access control (RBAC) and security functions.
* Design and maintain related role-based access controls as it relates to the ERP solutions.
* Overseeing segregation of duties
* Support user / security reports and audit requirements.
* With an in-depth understanding of the data, make suggestions which result in meaningful outcomes based on the findings and criteria of the users.
* Development, testing, and deployment of complex IT security solutions to ensure proprietary/confidential data and systems are protected.
* Keeps abreast of trends and best practices in the industry to strengthen organizational and technical knowledge as it relates to security and regulatory requirements.
* Work effectively within and across ERP/Finance/HR business operations and IT teams to execute projects and roadmap items.
* Provide guidance during the detailed design, build, test and deploy phases.
* Monitor application performance, service delivery performance metrics, change management, ticketing and resolution of incidents, resolution of identified problems.
Qualifications and Education Requirements
* Bachelor's degree in CSI or equivalent experience
* 5+ years of ERP Security Design, Implementation and Administration experience in systems like SAP, Oracle, Workday, or Infor
* Experience with Segregation of Duties (SOD) resolution
* Experience with user provisioning, role creation and maintenance.
* Experience creating documentation to support user requirements.
* Experience with HCM Security Management Data Stores, Tools, Tasks, and Processes.
* Knowledge of IAM platforms
* Knowledge of relevant security standards and regulatory requirements (PCI, PII and HIPAA).
* Experience in healthcare specific security and compliance requirements is preferred.
* Knowledge of ERP systems within a Healthcare environment.
* Excellent written and verbal communication/presentation skills.
* Self-motivated with the ability to work consistently and efficiently to achieve overall team as well as personal goals.
* Excellent ability to multi-task and manage simultaneous projects and initiatives.
* Strong planning, organization, critical thinking, decision-making skills and problem-solving aptitude.
* High degree of confidentiality, maturity, tactfulness and business ethics.
* Experience in an academic medical center is highly desirable.
Department: Montefiore Information Technology Bargaining Unit: Non Union Campus: ELMSFORD Employment Status: Regular Full-Time Address: 555 Taxter Road, Elmsford
Shift: Day Scheduled Hours: 8:30 AM-5 PM Req ID: 92752
Montefiore is an equal employment opportunity employer. Montefiore will recruit, hire, train, transfer, promote, layoff and discharge associates in all job classifications without regard to their race, color, religion, creed, national origin, alienage or citizenship status, age, gender, actual or presumed disability, history of disability, sexual orientation, gender identity, gender expression, genetic predisposition or carrier status, pregnancy, military status, marital status, or partnership status, or any other characteristic protected by law.