Cyber Security Administrator

Tanner Memorial Clinic Layton, Utah, United States Information Technology

About this position

Description:

Tanner Clinic has an immediate opening for a full-time Cyber Security Administrator. This position is not remote and is located at our Layton Antelope A location.  


Essential Job Responsibilities:


Security Management & Compliance

  • Develop, maintain, and enforce cybersecurity policies, procedures, and standards in accordance with HIPAA and industry best practices.
  • Coordinate with Privacy and Compliance Officers to align technical controls with regulatory requirements (HIPAA, HITECH).
  • Conduct periodic risk assessments and vulnerability scans to identify potential threats and gaps.
  • Lead remediation planning with IT and clinical stakeholders to resolve weakness findings. 


Monitoring & Incident Response

  • Monitor security tools (SIEM, IDS/IPS, endpoint protection) for threats and anomalous activity.
  • Investigate and respond to cybersecurity incidents, document findings, and recommend corrective actions.
  • Assist in the creation and maintenance of incident response and disaster recovery plans. 


Infrastructure & Technical Controls

  • Administer network and system security including firewalls, VPNs, access controls, encryption, multi-factor authentication (MFA), and patch management.
  • Collaborate with server, network, and application teams to ensure secure configuration and integration of clinical systems.
  • Review and authorize privileged user access, implementing least privilege principles. 


Training & Awareness

  • Provide cybersecurity awareness training and guidance to clinic staff.
  • Promote security best practices to clinical and administrative personnel to reduce human risk factors.


Documentation & Reporting

  • Maintain detailed documentation for audits, compliance reviews, and IT governance.
  • Prepare security metrics reports for IT leadership and executive stakeholders.


Technical Skills:

  • Network and system security fundamentals (firewalls, VPN, NAC, IDS/IPS, endpoint protection)
  • Active Directory and identity management
  • Risk assessment and remediation planning
  • Security monitoring and logging tools


Requirements:


Education:

  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline (or equivalent experience).


Experience:

  • 3–5+ years in information security, systems administration, or equivalent role in IT with exposure to healthcare systems.
  • Security Certifications (Preferred): Security+, CISSP, CISM, CEH, or similar.
  • Experience supporting Electronic Health Record (EHR/EMR) systems and healthcare network environments (Preferred).
  • Familiarity with HIPAA Security Rule controls, NIST Cybersecurity Framework (CSF), or HITRUST (Preferred)


Other Requirements:

  • Regular and reliable attendance is an essential function of the job


Performance Requirements:


Knowledge:

  • Knowledge of IT infrastructure and network management. 
  • Knowledge of operating systems, word processing, database applications, spreadsheet applications, e-mail applications, and diagnostic utilities.
  • Knowledge of troubleshooting and operating computer equipment.
  • Knowledge of customer service-related concepts.


Skills:

  • Skill in organizing tasks.
  • Skill in using customer service skills when dealing with frustrated employees.
  • Skill in masterful problem-solving.


Abilities:

  • Ability to be a team player with effective interpersonal skills.
  • Ability to solve problems and work independently. 


Equipment Operated:

  • Standard office equipment including computers, fax machines, copiers, printers, telephones, etc.


Work Environment:

  • Position is in a well-lighted office environment. Occasional evening and weekend work.


Mental/Physical Requirements:

  • Involves sitting approximately 90 percent of the day, walking, bending, kneeling, stretching, or standing the remainder. May need to lift up to 30 pounds.