• Mission
  • 90000.0000 USD / Year

Had a security analyst leave, this is back open.

Contract to hire, conversion of 85-95k

More technical than operational. Need solid documentation skills. Knowledge/experience of Hipaa and PCI compliance.

2 interview process: 1 with Russ (maybe Chris D), one with rest of the other managers– Alan Krause, Dave Kadel, and David Wolfe. 

Familiarity with HIPAA/HiTrust and/or PCI/NIST/ISO – in other words – familiarity with compliance frameworks, writing compliant policies/procedures, etc.

 

Most important:

Qualifications – bullets 2 and 3

Skills/Certs – bullet 3

Job Description (Analyst)

 

Security Analyst, Enterprise Security

 

Responsibilities:

  • Assist in the incident response process and handle assigned security investigations
  • Monitor the status and functions of security-related tools/controls.
  • Organize and support an enterprise program for technical compliance of servers, network infrastructure and other assigned elements
  • Work closely with various IS operations team members to deploy technical controls to meet specific security requirements
  • Proactively assess and report high-risk threats and vulnerabilities
  • Recommend improvements and upgrades to the organization’s security posture
  • Perform security audit functions and report on compliance as directed
  • Manage the documentation and enforcement of the security configurations for servers and infrastructure

 

Qualifications:

  • Five years experience in technical areas of information security related to management of endpoints, servers and network/computing infrastructure:
  • Technical knowledge of TCP/IP networks, Cisco network infrastructure, Microsoft operating systems, Active Directory, Redhat Linux, and ESX (virtual) environments
  • Familiarity with:
    •  Information security incident response processes and procedures
    • Various types of device and security logs
    • Basic computer and network forensics
    • System patching and vulnerability scanning
  • Proficient with standard Microsoft Office applications (Word, Excel, PowerPoint, Visio)
  • Experience applying and implementing security controls in a regulated environment (Healthcare, Finance, etc)

 

Desired Skills/Certifications:

  • Possession of, or ability to obtain appropriate certifications (CISSP, CISM, MCSE)
  • Experience with compliance and vulnerability scanning tools
  • Experience with formal certification and accreditation programs:
    • HiTrust
    • PCI
    • ISO 27001
  • Experience with one or more of the common scripting languages
  • Industry standard certifications
  • Self-motivated, with the ability to work both in a team and independently
  • Excellent organizational and communication skills