Health Axis Group, a leader in healthcare technology, is searching for an Information Security Analyst I to join our IT Security team. The Information Security Analyst I implements security systems to protect a company or organization’s computer networks from cyber-attacks and help set and maintain security standards. The Information Security Analyst I consults with other IT teams on technical matters of security, providing both routine and emergency after hours support of matters related to enterprise security
- Uses network monitoring tools, SIEM (security incident event monitoring) to carefully examine network traffic and to identify both external and internal threats to ensure security specifications meet the HealthAxis infrastructure guidelines.
- Administer firmware and patch management policies for all operating systems in accordance to the Information Security Policy.
- Administer self-scan audits internally and externally and address all findings.
- Initiate internal and external IT audit preparation and resolutions to findings.
- Monitor controls to maintain data security through enabling/disabling network protocols, port security, restricting access to vLANs, certificate management, MAC filtering and other security controls.
- Apply short-term and long-term changes and enhancements to the infrastructure.
- Engineer solutions that sustain the operational integrity and security of all business systems and networks.
- Installing, administering, and troubleshooting network security solutions.
- Updating software with the latest security patches and ensuring the proper defenses are present for each network resource.
- Performing vulnerability and penetration tests, identifying and defending against threats, and developing disaster recovery plans.
- Configuring security systems, analyzing security requirements, and recommending improvements.
- Monitoring network traffic for suspicious behavior.
- Creating network policies and authorization roles and defending against unauthorized access, modification, and destruction.
- Configuring and supporting security tools, such as firewalls and anti-virus software.
- Administer policies, standards and procedures to manage security functions relative to information technology systems (including systems under development), networks, applications, and voice and data communications that are consistent with applicable regulatory and compliance requirements.
- Understand the threat landscape and attack trends as they relate to intelligence gathering, dissemination and defense coordination.
- Manage identity and access management functions including security administration, access governance, provisioning and access control design and engineering.
- Collaborate with other departments across HEALTHAXIS including Human Resources, Legal, Privacy, Procurement and Compliance to ensure information security alignment across the company.
- Stay up-to-date on information technology trends and security standards.
- 5 years of experience leading teams of technical resources in diverse disciplines is required.
- 2+ years of experience in cyber security or in IT security related field. Experience with infrastructure consisting firewalls, IPS/IDS, web and email filters, antivirus/anti-malware systems. Knowledge of networking, routing in a Microsoft Server domain, AD, Group Policy, virtualization infrastructure.
- Must possess a solid understanding of Information Technology, Information Security, and Risk Management.
- Knowledge of security and control frameworks, such as ISO 17799, COBIT, and NIST CyberSecurity Framework.
- Understanding of Risk management process is preferred.
- Understanding of FAIR (Factor Analysis of Information Risk) is preferred.
- Proficient in Microsoft Office (Outlook, Word, Excel and PowerPoint)
- Excellent oral and written communication skills.
- Strong interpersonal and organizational skills
- Must be a team player, be organized and have the ability to handle multiple projects
- Ability to work independently with minimal supervision or function in a team environment sharing responsibility, roles, and accountability
- Ability to lead without authority and motivate teams to achieve tactical and strategic goals. This is a highly responsible position that requires both quantitative and interpersonal skills.
- Demonstrated project management, organization and facilitation skills.
- High level of personal integrity, and the ability to professionally handle confidential matters and exude the appropriate level of judgment and maturity.
- Information Security certifications such as the Certified Information Systems Security Professional Certification (CISSP) is required or must be obtained within 1 years of acceptance of position.
- Bachelor’s Degree in Business, Computer Science or equivalent experience required.
Equivalent experience is defined as 4 years of professional work experience
- Responsible for driving the HXG culture through values and customer service standards.
- Accountable for outstanding customer service to all external and internal contacts.
- Develops and maintains positive relationships through effective and timely communication.
- Takes initiative and action to respond, resolve and follow up regarding customer service issues with all customers in a timely manner
HealthAxis Group is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, disability status, or membership in any other group protected by federal, state or local law