Mouse over any item on the left to display further information on the right
JOB SUMMARY
The Information Security Analyst I develops, maintains and supports the organization's security requirements and other components of the Information Security Program. Individuals in this role typically work on one or more simple to moderately complex projects / systems / issues related to information security at a time. This role requires minimal to sometimes moderate assistance in completing their assignments.
MINIMUM QUALIFICATIONS
1. Bachelor Degree or technical institute degree/certificate or equivalent work experience.
2. At least three years of relevant IT and Information Security experience.
3. Strong technical written and verbal communications skills.
4. Strong customer service orientation to work collaboratively with users and other technical colleagues.
5. Strong process and project management skills with the ability to improve process efficiency and effectiveness.
6. Basic understanding and implementation capability of security best practices and technology.
7. Above average skill level for performing cost-benefit analysis, business cases development, and security risk analyses.
8. Strong analytical skills.
DUTIES AND RESPONSIBILITIES
1. Security Controls Management
o Reviews and makes recommendations regarding requests (waivers) for security technology or practices that deviate from established architecture and technology standards.
o Troubleshoots and diagnoses simple to moderately complex problems related to information security with minimal to moderate assistance. Researches, reports, and responds to information security events and incidents at all levels of the organization.
o Participates in activities that analyze components of the Information Security Program to identify weaknesses and develop opportunities for improvement (evaluation process).
o Participates in development of security requirements regarding firewall maintenance and rule setting, intrusion detection, filter creation and e-mail scanning, as well as, appropriate encryption requirements and requirements for other security solutions.
o Participates in monitoring and tracking of computer emergency response team (CERT) advisories, security relevant technical bulletins, and other security advisories and information.
o Participates in reviews of system log activity for user accounts and privileged accounts.
o Participates in reviews of user activity related to access authorization and utilization.
2. Policy, Procedure and Guideline Development and Security Awareness Activity
o Participates in the development of the organization's information security policy & procedures and updates the policy & procedures as HMSA's business objectives, security environment and technology base evolve.
o Provides policy & procedure interpretation, clarification and technical information security guidance to managers, data owners, project leads, application development teams, system operators and users.
o Provides consultation to IS teams regarding security requirements and provides recommendations that support the business. Explains security capabilities.
o Participates in the development and implementation of the security awareness program.
o Collects metrics information to measure and report the effectiveness of security solutions.
o Develops special security certifications, reports and maintenance plans required to meet the compliance and audit standards and requirements of Federal, State, and Healthcare industry.
3. Performs other duties as assigned by the Information Protection Manager.
Submit your resume to jobs@hmsa.com. Click on link below.
