Information Security Analyst (Temporary)

Broad foundation across multiple areas of information security (network security, endpoint protection, identity and access management, cloud security) in a healthcare environment Strong knowledge of security frameworks (NIST, ISO 27001, CIS Controls) and regulatory requirements (HIPAA, PCI-DSS, GDPR) Skilled in monitoring, analyzing, and responding to security incidents using SIEM tools and other detection technologies Able to perform vulnerability assessments, interpret findings, and recommend practical remediation steps Comfortable with both proactive (risk assessments, audits, security awareness training) and reactive (incident response, forensic analysis) security functions Effective communicator who can explain technical risks and solutions to both technical teams and non-technical stakeholders Strong problem-solving mindset and attention to detail; able to anticipate threats and implement preventive measures Demonstrated ability to collaborate across IT, compliance, and business units to align security with organizational goals Keeps current with emerging cyber threats, trends, and best practices Knowledge of HIPAA and FISCAM security guidelines Knowledge of computer network penetration testing Knowledge of security frameworks (NIST, ISO 27001, COBIT) Knowledge of Firewalls, proxies, SIEM, antivirus, and IDPS concepts Knowledge of security systems, operating systems, and virtualization Ability to identify, mitigate and educate staff regarding the avoidance of network vulnerabilities Ability to write clearly, concisely and precisely and convey information to the intended audience in a manner that is easily understood Ability to interpret and synthesize a wide range of information from a variety of sources and translate complex information and concepts into clear, succinct documentation Ability to develop training materials and conduct staff training Ability to demonstrate strong analytical and problem-solving skills, define issues, conduct research, and analyze and interpret data Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field A minimum of eight years of professional-level information technology experience, which included a minimum of three years of experience performing information security functions in a health care environment (a Master’s degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying.

Performs analysis of Alliance information security practices to ensure alignment with industry standards and guidelines Identifies, investigates, and resolves security breaches detected by Alliance security solutions Participates in the creation and maintenance of policies, standards, guidelines, and procedures related to information security Leads and performs staff training on information security and security breach prevention