IT Security Analyst

IT Security Analyst Independence, OH Job Details Full-time 1 day ago Qualifications Network administration Penetration testing Certified Information Systems Auditor Audit report preparation Customer service Software deployment IT system monitoring Regulatory compliance CISSP Compliance audits & assessments HIPAA Research Mid-level Software installation 3 years Information security compliance Incident response IT experience within healthcare System risk assessment (security system operation) CompTIA Network+ Splunk Incident Investigation Software development Vulnerability management IT Security System Administration (security operations) Data collection Data Loss Prevention Root cause analysis Log analysis Associate's degree CompTIA Security+ Healthcare compliance Information security auditing Python Hospital experience IT security monitoring Full Job Description

POSITION TITLE

IT Security Analyst Supervised by:

IT Infrastructure Team Lead Supervises:

N/A Status:

Full-Time, Exempt

POSITION SUMMARY.

The IT Security Analyst's role is to monitor computer networks and systems for security incidents and events and remediate them to the best of their ability. They may identify compromised systems and report on security measures taken to address threats. This role will also analyze security risks and develop response procedures. Additional duties may include developing and testing software deployment tools, firewalls and intrusion detection systems. They will also configure and maintain security software or devices to ensure the safety of company software, systems, and information. This role may also include the exercise of discretion and independent judgment with respect to matters related to software installation or network administration. JOB DUTIES and

ESSENTIAL FUNCTIONS. A

qualified individual must be able to perform the essential functions of the job as listed, with or without accommodation. (An Asterisk (

• ) Identifies an Essential Function) Analyzes security incidents and performs root cause analysis. (
• ) Collects intrusion artifacts and uses discovered data to enable mitigation of potential cybersecurity defense incidents within the enterprise.

Uses data collected from a variety of cyber defense tools to analyze events that occur for the purposes of mitigating threats. Monitors external data sources to maintain the currency of cybersecurity defense threat condition and determine which security issues may have an impact on the enterprise. Performs and supports security operations. (

• ) Conducts and manages vulnerability management. Conducts and manages anti-virus management. Manages penetration testing and helps to remediate findings as needed. Performs assessments and reviews. (
• ) Conducts software reviews from a security perspective. Performs internal and external security audits. Presents audit findings with summaries and reporting. Writes and submits cybersecurity defense techniques, guidance, and reports on incident findings to appropriate constituencies. Supports projects and continuous Improvement. (
• ) Researches, evaluates, designs, tests, recommends, and plans implementation of new or improved network security software or devices.

Analyzes new or enhanced software application or tool implementations to verify they meet existing network security requirements. Examines network topologies to understand and document data flows through the network and recommend changes as needed.

Competencies:

Initiative and accountability SIEM Management DLP Process and Technology Risk Analysis IAM Best Practice Network Security Documentation and Training (including user training on security topics) Vulnerability management Supervisory Responsibility. This position has no supervisory responsibilities.

QUALIFICATIONS.

Required Education and Experience:

Associates Degree and certificates in computer related field or equivalent. 1-3 years in an IT Security role. Strong customer service and Information technology acumen.

Preferred Education and Experience:

Security certification including Network+, Security+, CISA, CISSP or equivalent. Previous experience in Hospital & Healthcare, Computer Software industries. Familiarity with HIPAA and STIG compliance standards. Bachelor's degree with 3-5 years applicable experience. Experience with SIEM (Splunk), DLP (Forcepoint), log review, STIG standards and vulnerability management (Tenable), Pen Testing, AV Management, software security evaluation, Python Work Environment. This job operates in a blend of professional office and home office environments. Incumbent will use standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines. Physical Demands. While performing the duties of this job, the employee is regularly required to talk or hear. The employee frequently is required to sit for long periods of time, stand; walk; use hands to finger, handle or feel; and reach with hands and arms. The employee is occasionally required to climb or balance; and stoop, kneel, crouch or crawl. The employee must occasionally lift and/or move up to 10 pounds and occasionally lift and/or move up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, color vision, peripheral vision, depth perception and ability to adjust focus. Position Type and Expected Hours of Work. This is a full-time position, and hours of work and days are typically Monday through Friday, 8:30 a.m. to 5 p.m. Some flexibility in hours is allowed, but the employee must be available during the "core" work hours of 9:00 a.m. to 3:30 p.m. and must work 40 hours each week to maintain full-time status. Occasional evening and weekend work may be required as job duties demand. Travel. The IT Security Analyst may be required to travel from time to time as it relates to job related conferences and or continuing education. Work Authorization. In compliance with Federal employment laws, MediQuant will verify the identity and employment authorization of each person hired. MediQuant participates in the Federal E-Verify program. Security Clearance. Must be able to pass all security clearances mandated by various government contracts as well as any client hospital/healthcare security requirements. Any employee working on government projects will be required to successfully pass a government background check and receive a Common Access Card (CAC). Additionally, the applicant must be a U.S. citizen and will be subject to a Public Trust security background investigation and must meet requirements to obtain a Department of Defense (DOD) network account. AAP/EEO Statement. MediQuant, Inc. is an equal opportunity employer. Compliance. Employee shall comply with all MediQuant policies, state and federal laws, regulations, and contractual obligations when accessing MediQuant or client Confidential Data, Confidential Information, and Information Assets. Other Duties. Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time.