CYBERSECURITY SUPPORT SPECIALIST

About The Position

Requirements

• Associate’s Degree in Cybersecurity, Computer Science, Information Technology, or a closely related field. In lieu of an Associate’s Degree, must have four (4) years if direct cybersecurity experience.
• Minimum two (years) of experience performing enterprise-level work for a medium to large-scale computer information system under advanced operating systems.
• Of the two (2) years of experience, at least one (1) year must involve responsibility for operating enterprise workstations, servers, networks, and related peripheral equipment.
• Must be certified as CompTIA A+, Network+, Security+, and/or Microsoft SC-900 at the time of hire or must be willing to obtain certification within 6 to 12 months of employment.
• Must possess a valid Driver’s License and maintain appropriate clearance while employed.
• Must be able to successfully pass the Employee Health Program requirements and background investigation.
• Basic understanding of information security policies and best practices.
• Familiarity with Microsoft 365, Windows OS, and endpoint protection concepts.
• Knowledge of networking fundamentals (TCP/IP, firewalls, VPNs) in healthcare environments.
• Knowledge of hardware and software installations, testing, and security configuration.
• Knowledge of LAN/WAN best practices and remote support tools.
• Ability to install, configure, and troubleshoot workstation hardware/software in line with security standards.
• Ability to isolate system problems quickly and take proper corrective action.
• Strong analytical skills and attention to detail when responding to alerts and incidents.
• Excellent written and verbal communication skills, especially in user-facing support situations.
• Ability to maintain confidentiality of sensitive data and follow HIPAA and HITECH requirements.
• Ability to interact professionally with staff from diverse backgrounds in both clinical and non-clinical departments.
• Desire to pursue certifications such as CompTIA A+, Network+, and Security+.
• Ability to communicate effectively in the English language, both verbally and in writing.

Nice To Haves

• Hospital-related IT work experience is preferred.
• Ability to speak the Navajo language and/or familiarity with the Navajo way is a plus, but not required.

Responsibilities

• Act as frontline cybersecurity support for hospital departments and clinics, providing technical and security-focused assistance to employees.
• Monitor and triage security alerts through our managed detection and response system and escalate as appropriate.
• Respond to phishing reports, suspicious activity, and MFA-related issues, document actions taken.
• Support secure handling, transmission, and storage of sensitive data in accordance with hospital data classification and protection standards.
• Escalate security events, suspected incidents, or policy violations according to established procedures.
• Assist with secure installation and configuration of workstations, laptops, and mobile devices, including antivirus, encryption, and security patches.
• Assist with maintaining accurate device and system inventory relevant to cybersecurity monitoring.
• Assist with preserving logs, screenshots, and relevant evidence during security incidents under guidance.
• Assist with periodic access reviews for systems containing sensitive information.
• Support cloud-based email security features, including email security reviews and investigations.
• Assist with DNS alert review and URL filtering policy support.
• Participate in endpoint security analysis and assist with software deployment.
• Assist with EHR access privilege management and access reviews.
• Provide basic guidance and support for hospital staff on cybersecurity-related concerns.
• Assist with endpoint policy enforcement through centralized management and patching tools.
• Participate in risk assessments, policy compliance reviews, and internal security audits.
• Maintain logs and documentation of cybersecurity tasks, alerts, and user interactions.
• Assist with cybersecurity incident response, including triage and documentation, user communication, and containment efforts under guidance.
• Ensure confidentiality and integrity of all electronic data in accordance with HIPAA, HITECH, and hospital policies.
• Contribute to cybersecurity awareness initiatives, tabletop exercises, and training events.
• Complete mandatory training, including HIPAA/HITECH security awareness, security compliance modules, and annual participation in tabletop exercises.
• Stay up to date on cybersecurity certification pathways and emerging technologies relevant to healthcare IT.
• Work closely with IT and security staff to carry out department goals and support a secure computing environment.
• Participate in continuous security training and certifications aligned with departmental priorities.
• Support the ongoing development and maturation of the hospital’s cybersecurity program.
• Perform other duties as assigned related to the secure operation of the hospital.