Job Purpose:
Responsible for managing the hospital's day-to-day cybersecurity monitoring, incident detection and response, vulnerability management, and operational compliance. The role ensures proactive threat identification, rapid incident resolution, and protection of sensitive patient and hospital information systems in accordance with healthcare regulatory standards.
Roles and Responsibilities:
- Ensure work is performed based on approved policies, processes, procedures, and instructions.
- Identify opportunities for continuous improvement of systems, processes and practices, taking into account leading practices, cost reduction and productivity improvement.
- Ensure day-to-day activities are properly performed in line with policies and procedures.
- Follow up on escalated cases/issues of subordinates to ensure they are closed efficiently and in a timely manner.
- Monitor and analyse security events using SIEM (Security Information and Event Management) systems.
- Investigate anomalies, potential threats, and malicious activity across the hospital network, endpoints, and clinical systems.
- Track security alerts from EDR (Endpoint Detection & Response), IDS/IPS, and other cybersecurity tools.
- Lead first-line and second-line security incident response, from triage to resolution, minimizing disruption to clinical operations.
- Conduct root cause analysis and implement corrective actions following security incidents.
- Maintain and regularly test incident response playbooks and escalation procedures.
- Perform regular vulnerability scans on hospital IT assets and medical devices.
- Work with IT infrastructure teams to ensure timely remediation of vulnerabilities and system patching.
- Track vulnerability closure rates and report risk status to Information Security leadership.
- Maintain logs, audit trails, and compliance documentation for security-related audits.
- Support external audits and regulatory inspections by providing evidence of operational security controls.
- Monitor Data Loss Prevention (DLP) systems and assist in enforcement of data protection policies.
- Support the Identity and Access Management (IAM) process by reviewing access privileges and enforcing least privilege principles.
- Assist in cybersecurity awareness campaigns and conduct security training workshops for hospital staff.
- Participate in phishing simulations and employee cybersecurity education programs.
- Document all security incidents, response actions, and lessons learned.
- Generate routine operational security reports for internal stakeholders and contribute to dashboard reporting for IT management.
Requirements:
- 5+ years of cybersecurity experience, preferably with 2+ years in healthcare environments.
- Bachelor's degree in Information Technology, Computer Science, or related field.