Information Security Analyst

About The Position

Requirements

• Bachelor’s degree in Information Systems, Security, Business, Engineering or related field from an accredited college or university and three (3) to five (5) year of IT Security or Technical Support or an equivalent combination of education, certification, training and/or experience.
• Knowledge and experience in complex systems, platform engineering, servers/storage, network and data center operations
• Knowledge in information security management and systems monitoring tools
• Knowledge of information security best practices
• Knowledge and experience in IT within a healthcare or non-profit organization
• Knowledge of national and international regulatory compliances and frameworks such as ISO, SOX, BASEL II, EU GDPR, HIPAA, and PCI DS
• Knowledge of computer-related security systems including firewalls, encryption and password protection and authentication
• Strong analytical and problem-solving skills
• Ability to deliver high quality customer service and support
• Ability to work in a team setting and under tight deadlines
• Ability to commute with personal transportation
• Proficient in Microsoft Office Suite or related software
• Excellent verbal and written communication skills
• Ability to commute with personal transportation
• Ability to travel 33% of the time

Nice To Haves

• CISM (Certified Information Security Manager) or CISA (Certified Information Systems Auditor) preferred

Responsibilities

• Collaborates with users regarding computer data access needs, to identify security threats and violations, and to identify and recommend needed programming or process changes
• Uses data encryption, firewalls, and other appropriate security tools and applications to conceal and protect transfers of confidential digital information
• Develops and implements plans to safeguard digital data from accidental or unauthorized modification, destruction, or disclosure; adheres to emergency data processing needs
• Reviews violations of security procedures; provides training to ensure violations do not recur
• Monitors and restricts access to sensitive, confidential, or other high-security data
• Modifies security files and applications as able and necessary to provide specialized access, allow new software to be installed or integrated, or correct errors
• Performs risk assessments, audits, and tests to ensure proper functioning of data processing activities and security measures
• Safeguards system security and improves overall server and network efficiency by training users and promoting security awareness
• Determines when to update virus protection systems by monitoring current reports of computer viruses; facilitates or performs needed updates.