Security Analyst

Pay: $115k+ yearly
Location: 100% Remote, MUST work EST
Duration: Direct Hire

Summary

Assist a member of a dynamic team responsible for protecting information, managing vendor relationships, and ensuring program security.   As part of the IT Security team, this role will have responsibility for protecting all data ingress/egress, at rest, PHI/PII and all aspects of cyber security . Additionally, this role will be required to prepare for penetration tests, SOC I audits, 3rd party audits, vendor security assessments and other formalized reporting requirements,.   Engages with internal and external parties to satisfy requirements related to information, personnel and security program issues.  May develop educational material, which initiates, indoctrinates or refreshes the knowledge about cybersecurity security policy.
 
Minimum Qualifications:

• 5+ years of hands-on cybersecurity/information security analysis in a Windows-centric environment
• Experience implementing security best practices to provide strong end-to-end solutions
• Experience with creating security response  automation processes, sourced from various internal and external entities
• Experience with Kanban board, Azure DevOps, or similar
• Demonstrated understand of accessibility and security compliance
• Hands-on experience with Azure and/or AWS a plus
• Knowledge, Skills and Abilities
• Security Monitoring and Incident Response:
• Monitor and analyze security alerts and events from various sources, including security information and event management (SIEM) systems.
• Respond promptly to security incidents, conducting investigations, and implementing corrective actions.
• Collaborate with cross-functional teams to contain and eradicate security threats.

Responsibilities:
Vulnerability Management:

• Conduct regular vulnerability assessments and penetration testing to identify and address potential security weaknesses.
• Work with system administrators and application developers to remediate identified vulnerabilities.
• Stay current on emerging threats and vulnerabilities to proactively address potential risks.

Security Policy and Compliance:

• Develop, implement, and enforce security policies, procedures, and standards.
• Take ownership of SOC audit process and adherence to IT security controls.
• Ensure compliance with relevant regulations and industry best practices.
• Conduct regular audits to assess adherence to security policies and standards.

Security Awareness and Training:

• Develop and deliver security awareness programs to educate employees on security best practices.
• Provide training to staff on security policies, procedures, and protocols.
• Foster a culture of security awareness and compliance throughout the organization.

Security Architecture and Design:

• Collaborate with IT teams to integrate security measures into the design and implementation of systems and applications.
• Participate in the evaluation and selection of security technologies and tools.
• Provide expertise in the development of secure architectures.
• Incident Documentation and Reporting:
• Document security incidents, investigations, and resolutions thoroughly.
• Prepare and present security reports to management, highlighting key metrics and trends.
• Collaborate with legal and compliance teams on incident reporting requirements.

Other Security Areas of Focus:

• Manage sensitive data related to HIPAA, PHI, PII and proprietary company information.
• Experience with project management; meeting deadlines, documentation, collaboration and communication models
• Experience with vendor relationships, time management, ability to work on simultaneous tasks and managing multiple competing priorities
• Ability to work in an autonomous team atmosphere
• Ability to work in project-based and ad-hoc technical need environment