The Senior Information Security Analyst plays a critical role in protecting the company’s information by ensuring security controls are working properly every day. This team member is also responsible for ensuring that the handling of sensitive company and client information follows company and industry standards. Additionally, this team member works hand in hand with the Information Security team to ensure security technologies are producing necessary and relevant information.
Lead the analysis and investigation of information security events (IPS/NGAV/DLP/NAC/SIEM/etc.), run to ground detected events and eliminate false positives.
Monitor security events daily, performing investigations and working with appropriate team members, business teams and Technology teams to develop solutions that address critical security concerns
Analyze system logs and other event logs to detect nefarious activity
Coordinate investigations and responses to security incidents. Maintains an information security incident/issues log.
Performs forensic research.
Monitors and reports on UH’s Information Security Program metrics by devising metrics/reports, requesting and/or developing metrics/reports, and routinely reviewing and reporting on those metrics/reports.
Observes, monitors, evaluates, and reports security policy compliance.
Work with the business to optimize and automate security-based processes
Helps define UH’s information security architecture with special emphasis on UH’s computer network security.
Maintains a knowledge-base of applicable security laws, regulations, and contractual obligations in conjunction with UH’s Compliance and Law Departments.
Evaluates and recommends new information security policies, procedures, standards, guidelines, tools, technologies, organizational changes, etc.
Coordinate the development and delivery of security mentorship and training to business partners by performing security program presentations, both internally and externally.
Work directly with our internal as well as external customers to understand and resolve their security questions, concerns, and requests.
Actively identify and consult with management and business areas regarding unresolved security exposures as well as misuse or noncompliance situations.
Increases security awareness and fosters an information security culture through training, education, and communication.
Experience & Knowledge:
Minimum 5 years IT experience required.
Minimum 3 years of IT security experience required.
Must have background in administering information security programs including risk assessments, forensic research, designing security architectures, developing policies, gathering metrics, and reporting status.
Prior experience working in a security operations center environment.
Demonstrated initiative to learn new technologies.
Excellent written and verbal interpersonal skills, including strong presentation skills.
Demonstrated ability to develop and maintain collaborative working relationships with varying constituencies and teams.
Demonstrated dedication to and leadership of continuous process improvement.
Ability to maintain strict confidentiality and look at all situations objectively
Informal leadership, coaching and mentoring skills. Strong consultative skillset with ability to provide appropriate direction to other IT groups on security matters
Ability to function independently and as a team player in a fast-paced environment required.
Must have strong written and verbal communication skills.
Knowledge of applicable security laws desired.
Healthcare experience preferred, especially in a large hospital setting.
Passion for information security and information assurance
Special Skills & Equipment Knowledge:
Proficiency in operating systems (Windows, Mac, Linux/Unix, mobile), network theory/design, penetration testing, endpoint security monitoring, coding and scripting, reverse engineering of malware, enterprise risk methodologies
Experience with Windows Server and Unix preferred.
Experience with scripting languages (e.g. PowerShell, VB, C#) preferred.
Previous experience with endpoint protection tools (e.g. Antivirus, Antispam) preferred.
Previous experience with IPS, network monitoring tools, and FW rule sets preferred
Previous experience with Web Filtering products preferred.
High School diploma required.
Bachelor’s Degree preferred.
Master’s Degree preferred.
Credentials, Licensure or Certification (i.e. RN, RRT):
CISSP (Certified Information Systems Security Professional), CCSP (Cisco Certified Security Professional), MCSA: Security / MCSE: Security (Microsoft Certified Systems Administrator / Engineer), CISA (Certified Information Systems Auditor), CISM (Certified Information Systems Manager), or similar information security certification preferred.