Information Security Analyst

Bachelor's degree in IT, Cybersecurity, Computer Science, or related field (Master's degree may substitute for 2 years of experience) 8 years of professional-level IT experience At least 3 years performing information security functions in a healthcare environment Current CISSP, CISM, or CEH certification required Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts Proficiency in virtualization and Windows-based systems In-depth knowledge of HIPAA and FISCAM security guidelines Working knowledge of frameworks such as NIST, ISO 27001, or COBIT

Monitor computer networks for security issues Lead investigation of breaches Document damage assessments Assess efficacy of existing security measures against HIPAA and FISCAM standards Conduct proactive system vulnerability audits Manage annual penetration testing with vendors Participate in evaluation, design, and implementation of new security solutions (firewalls, data encryption) Analyze software and systems requirements for security risks Develop remediation options for management Assist with development of security policies, procedures, and standards Maintain documentation of computer security procedures and tests Develop training materials on data security Provide training on detecting and avoiding phishing attempts