Sr Information Security Analyst - IT Disaster Recovery | Houston, TX | MD Anderson

Sr Information Security Analyst - IT Disaster Recovery

The Information Security department has the role of implementing and managing enterprise programs (policies, standards, processes and technologies) for the proper protection of MD Anderson's information resources. The department's in scope services extends to every area in the institution. The department is also responsible for conducting assessments, based on resources and risk and recommending ways to comply with the information security aspects of regulatory requirements and other mandates.

Disaster Recovery Program Planning
Maintain Institutional Disaster Recovery Program
Maintain a current Criticality Assessment methodology for application tier assignment.
Manage CA methodology revision for tier assignment of other core business areas.
Provide DR planning guidance and training to application teams and projects.
Provide application teams guidance and training for periodic DR plan tabletop and technical testing.
Develop and maintain comprehensive divisional, departmental and owner / administrator compliance monthly reporting per TAC 202.

Annual Integrated Disaster Recovery Testing
Plan and coordinate annual DR Forum workgroup planning meetings for annual integrated DR technical testing.
Plan and coordinate annual Management DR Tabletop testing.
Document after actions and track to resolution and closure.
Prepare and present lessons learned, observations and recommendations.

Sustainable Planner Maintenance
Assure maintenance oversight for the Sustainable Planner EM/BC/DR platform, (system baseline, support documentation, backup request forms, CMNF processing, system upgrades upgrades and customer communications).
Develop and maintain change management process to assure current system backline.
Major Event Process Development
Formation of major event process development workgroup and maintain team meeting agenda / schedule.
Provide thought leadership and guidance toward an integrated major event process workflow to include:
process workflow graphic with process response timeline
severity level / customer impact matrix for the Helpdesk team
weekly team notification scheme
decision matrices for Incident Commander / Event Manager / For Info Service desk
Major Event Notification Process support documentation.

Maintain process.
Annual Professional Certification Training and Personal Development Plan
Attend Disaster Recovery or Information Security conference (DRJ, DRII, ISACA, etc.)
Attend soft skills course:
Personal Development Plan:

Other duties as assigned

Education Required:
Bachelor's degree in Computer Information Systems, Business Information Systems, Computer Science or related field.

Certification Required:

Preferred Certification:
CBCP - Certified Business Continuity Professional.
CBCI - Certificate of the Business Continuity Institute
MBCP - Master Business Continuity Professional

Experience Required:
Five years of information security experience, to include experience in multiple security domains. May substitute required education degree with additional years of equivalent experience on a one to one basis.

Preferred Experience:
Business continuity/disaster recovery planning platform development/maintenance
Mastery of regulatory requirements and unified grid mapping.
Healthcare experience and EPIC environment
Business Continuity Planning and Disaster Recovery Planning development experience.
Demonstrated experience and insight into performing threat assessments.
Demonstrated experience performing Business Impact Analysis(BIA).
Performing or participating in application level risk assessment.

It is the policy of The University of Texas MD Anderson Cancer Center to provide equal employment opportunity without regard to race, color, religion, age, national origin, sex, gender, sexual orientation, gender identity/expression, disability, protected veteran status, genetic information, or any other basis protected by institutional policy or by federal, state or local laws unless such distinction is required by law.

Additional Information
  • Requisition ID: 143280
  • Employment Status: Full-Time
  • Employee Status: Regular
  • FLSA: exempt and not eligible for overtime pay
  • Work Week: Days
  • Fund Type: Hard
  • Pivotal Position: Yes
  • Minimum Salary: US Dollar (USD) 78,800
  • Midpoint Salary: US Dollar (USD) 98,500
  • Maximum Salary : US Dollar (USD) 118,200
  • Science Jobs: No