POSITION SPECIFICS
Title: Systems Security Analyst (Full Time - Hybrid)
FTE: 1.0 FTE (40 hours per week)
Schedule: Monday - Friday, 8:00AM - 4:30PM
Holiday Rotation: None
Weekend Rotation: None
On Call Requirements: Yes, rotational after experienced
POSITION SUMMARY
Under the general direction of the Manager IT Network & Security, this position supports the overall efforts to improve the IT security program, threat and vulnerability tasks, identity management, application security assessments.
POSITION TECHNICAL RESPONSIBILITIES
- Collaborate with stakeholders with respect to security leadership on risk assessments, policies and procedures, security initiatives, and testing controls.
- Coordinate and deploy system updates and hotfixes in accordance with patch management program.
- Monitor and restrict access to sensitive, confidential, or other high-security data.
- Plan and conduct user training to provide system security and promote security awareness.
- Oversee backup of company data in case of disaster or data loss.
- Investigate improper use and report violations to Security leadership.
- Monitor trade websites and cybersecurity organizations for prevailing threats and recommend appropriate course of action to address such threats.
- Recommend process improvement and strategic initiatives as related to security assessment.
- Ensure the efficient and effective implementation and support of security solutions; application security design, assessments, testing and remediation.
- Work with Network Administrators, Desktop Support Specialists, and vendors on different initiatives and issues to ensure they are implemented or resolved to our security standards.
- Complete audits of system security to ensure compliance with rules and regulations such as HIPAA & PCI-DSS.
- Perform risk-based security reviews of internal systems, applications, and third-party integrations.
- Articulate security findings internally a variety of stakeholders, including both technical and non-technical stakeholders.
- Provide defensible recommendations on technical, physical, and administrative control implementations based on assessment findings while balancing the cost versus benefits.
- Negotiate acceptance of remediation plans and timelines based on level of risk associated with a finding.
- Responsible for third party security, vendor access and incident management.
- Participate in the development and oversight of corrective actions relating to security issues.
- Compile and report out security risk and operational metrics.
- Participate in cross-functional, team, and status review meetings.
- Participate in on-call rotation.
POSITION REQUIREMENTS
Education:
- Required: High school diploma or equivalent.
- Preferred: Associates or Bachelors Degree in the field of computer science or information technology.
Experience:
- Required: Three (3) years of on-the-job experience in a related role
- Preferred: Experience working in information services role in a health care environment or medical setting.
Licenses and Registrations:
- Required: None
- Preferred: None
Certification(s):
- Required: None
- Preferred: Systems Security Certified Practitioner (SSCP), Certified Information Systems Auditor (CISA), Cisco CyberOps Professional or related course work.
BENEFIT SUMMARY
- Competitive health and dental insurance options
- Flexible paid time off to balance work and life
- Retirement plan with immediate vesting and employer match
- Free membership to our state-of-the-art fitness facility
- Generous tuition reimbursement
- Employer provided life and disability insurance
- Free parking at facility
#IND101