IT Security Analyst
Employment Type: Full-Time
The Information Security Analyst is responsible for supporting and improving the information security governance, risk, and compliance function.
Develops, implements, and ensures compliance of policies to protect the confidentiality, integrity, and availability of the organization's data. Identifies information risk, recommends appropriate risk treatment plans, and facilitates and monitors risk remediation tasks. Provides security training and promotes security awareness across the organization. Captures and documents results of control testing and facilitates and supports audit activities.
* Management of IT security and IT risk (e.g., data systems, network and/or web) across the enterprise.
* Monitoring and advising on information security issues relating to the systems at company to ensure the internal security controls for the organization are appropriate and operating as intended.
* Participate in the planning, design and implementation of enterprise security architecture.
* Serve as project manager/lead within IT security projects.
* Developing policies, procedures, and standards that meet existing and newly developed policy and regulatory requirements such as HIPAA, HiTRUST and PCI.
* Creating, managing, and maintaining IT security awareness and risk/training curriculum.
* Planning, coordinating, managing, or performing both internal and external security assessments.
* Verifying the security of third-party vendors and collaborating with them to meet security requirements
* Coordinating with users to facilitate the implementation of all information security policies and development of information security standards and procedures.
* Microsoft SCCM
* WinMagic for encryption
* Palo Alto firewall
* Forticlient for malware and certain DLP functions
* FireEye and Barracuda for email security
* Knowledge of Microsoft AD
* Tenable Nessus vulnerability managementJob Requirements
* Typically, seven (7) or more years of information security or compliance experience.
* Experience administering IT security controls in an organization.
* Knowledge of technical infrastructure, networks, databases and systems in relation to IT Security and IT Risk.
* Certified Information Systems Security Professional (CISSP), or related certification.
* Prior experience working within a health service organization preferred.
* Strong communication skills with the ability to influence across multiple levels and departments.
* Experience with information security in Cloud environments (SaaS, PaaS, IaaS) preferred.
- provided by Dice
Loading some great jobs for you...