Tanner Clinic has an immediate opening for a full-time Cyber Security Administrator. This position is not remote and is located at our Layton Antelope A location.

Essential Job Responsibilities:

Security Management & Compliance

• Develop, maintain, and enforce cybersecurity policies, procedures, and standards in accordance with HIPAA and industry best practices.
• Coordinate with Privacy and Compliance Officers to align technical controls with regulatory requirements (HIPAA, HITECH).
• Conduct periodic risk assessments and vulnerability scans to identify potential threats and gaps.
• Lead remediation planning with IT and clinical stakeholders to resolve weakness findings.

Monitoring & Incident Response

• Monitor security tools (SIEM, IDS/IPS, endpoint protection) for threats and anomalous activity.
• Investigate and respond to cybersecurity incidents, document findings, and recommend corrective actions.
• Assist in the creation and maintenance of incident response and disaster recovery plans.

Infrastructure & Technical Controls

• Administer network and system security including firewalls, VPNs, access controls, encryption, multi-factor authentication (MFA), and patch management.
• Collaborate with server, network, and application teams to ensure secure configuration and integration of clinical systems.
• Review and authorize privileged user access, implementing least privilege principles.

Training & Awareness

• Provide cybersecurity awareness training and guidance to clinic staff.
• Promote security best practices to clinical and administrative personnel to reduce human risk factors.

Documentation & Reporting

• Maintain detailed documentation for audits, compliance reviews, and IT governance.
• Prepare security metrics reports for IT leadership and executive stakeholders.

Technical Skills:

• Network and system security fundamentals (firewalls, VPN, NAC, IDS/IPS, endpoint protection)
• Active Directory and identity management
• Risk assessment and remediation planning
• Security monitoring and logging tools

Education:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline (or equivalent experience).

Experience:

• 3–5+ years in information security, systems administration, or equivalent role in IT with exposure to healthcare systems.
• Security Certifications (Preferred): Security+, CISSP, CISM, CEH, or similar.
• Experience supporting Electronic Health Record (EHR/EMR) systems and healthcare network environments (Preferred).
• Familiarity with HIPAA Security Rule controls, NIST Cybersecurity Framework (CSF), or HITRUST (Preferred)

Other Requirements:

• Regular and reliable attendance is an essential function of the job

Performance Requirements:

Knowledge:

• Knowledge of IT infrastructure and network management.
• Knowledge of operating systems, word processing, database applications, spreadsheet applications, e-mail applications, and diagnostic utilities.
• Knowledge of troubleshooting and operating computer equipment.
• Knowledge of customer service-related concepts.

Skills:

• Skill in organizing tasks.
• Skill in using customer service skills when dealing with frustrated employees.
• Skill in masterful problem-solving.

Abilities:

• Ability to be a team player with effective interpersonal skills.
• Ability to solve problems and work independently.

Equipment Operated:

• Standard office equipment including computers, fax machines, copiers, printers, telephones, etc.

Work Environment:

• Position is in a well-lighted office environment. Occasional evening and weekend work.

Mental/Physical Requirements:

• Involves sitting approximately 90 percent of the day, walking, bending, kneeling, stretching, or standing the remainder. May need to lift up to 30 pounds.