MPHC is seeking two, entry-level, information security analysts to join our growing IT Security Team! Work history in an IT healthcare setting is highly desirable. Should you meet the job requirements below, please submit an application today for immediate consideration!
The successful candidate will assist in the development and implementation of the Information Security program. The Information Security Analyst will be a key contributor in developing security policies, monitoring and analyzing traffic and logs, and assist in protecting the organization's IT systems and software from malicious activity and technology breaches. With general guidance and coaching, participates in and perform security risk assessments, perform and analyze vulnerability scans, work with others in IT and the business to remediate and eliminate risks. The Information Security Analyst is responsible for providing expert technical knowledge, standards development, program development, risk assessment, reporting, and awareness education related to information security.
- Monitors SIEM, IDS/IPS, endpoint protections, and identity management solutions
- Monitor and audit information systems, networks, and databases to identify and isolate occurrences of unauthorized activity; prepares and coordinates corrective actions
- Conducts security assessments and audits, penetration testing, IT forensic investigations and incident management
- Perform and/or coordinate regular security assessments of existing or new infrastructure or applications
- Coordinate response to information security incidents and threats
- Assess, manage, and coordinate information and cyber vulnerabilities throughout the organization
- Has a thorough understanding of the latest security exploits and how to prevent or detect them
- Develops, defines, reviews and enforces information security policy, standards and guidelines for business operations and technology implementations
- Proactively identifies information and IT security risks including IT technical implementations or business processes
- Coordinates group-wide and company-wide information security matters such as incident response, intrusion detection management, and cyber security advisories
- Proactively monitors and reports on internal and external threats
- Assist with the creation of the long-term information security roadmap
- Participate in the rotating “on call” schedule with other members of the team for providing support to the business and partners
- Performs other duties as assigned
- B.S. or B.A. degree in MIS, CIS, CS, or equivalent combination of education and experience
- 3-5 years experience with and combinations of information security methodologies, risk assessments, business continuity, policy and technical reporting writing, information security technologies, security monitoring, incident response, open source technologies, and various operating systems
- Healthcare experience and familiarity with HIPAA/HITECH, PCI-DSS, NIST 800-171, and NIST 800-53 is highly desirable
Required License(s) and/or Certification(s):
- Global Information Assurance Certification (GIAC), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), Certified Information Systems Auditor (CISA), and/or Certified in Risk and Information Controls (CRISC) is a plus.