Senior Information Security Analyst
Click the Facebook, Google+ or LinkedIn icons to share this job with your friends or contacts. Click the Twitter icon to tweet this job to your followers. Click the link button to view the URL of the job, which then can be copied and pasted into an e-mail or other document.
Portland, ME 04104
The successful candidate will assist in the development and implementation of the Information Security program. The Senior Information Security Analyst will be a key contributor in developing security policies, monitoring and analyzing traffic and logs, automating data collection and processes, and assist in protecting the organization’s IT systems and software from malicious activity and technology breaches. Participates and leads security risk assessments, perform and analyze vulnerability scans, work with others in IT and the business to re-mediate and eliminate risks. The Senior Information Security Analyst is responsible for providing expert technical knowledge, standards development, program development, risk assessment, data analysis, reporting, and awareness education related to information security.
Assist in leading in monitoring SIEM, IDS/IPS, endpoint protections, and identity management solutions.
Assist in leading the data engineering for the analysis, visualization and orchestration of security logs and events.
Assist in leading efforts in monitoring and auditing information systems, networks, and databases to identify and isolate occurrences of unauthorized activity; prepares and coordinates corrective actions.
Assist in leading and conducting security assessments and audits, penetration testing, IT forensic investigations and incident management.
Perform and/or coordinate regular security assessments of existing or new infrastructure or applications.
Assist in leading and coordinating response to information security incidents and threats
Assess, manage, and coordinate information and cyber vulnerabilities throughout the organization.
Has a thorough understanding of the latest security exploits and how to prevent or detect them.
Develops, defines, reviews and enforces information security policy, standards and guidelines for business operations and technology implementations.
Proactively identifies information and IT security risks including IT technical implementations or business processes.
Coordinates group-wide and company-wide information security matters such as incident response, intrusion detection management, and cyber security advisories.
B.S. or B.A. degree in CIS, CS, Business Administration, or similar, or combination of equivalent education and experience.
6-10 years of experience with information security technologies, security monitoring, incident response, open source technologies, and various operating systems.
Healthcare experience and familiarity with HIPAA/HITECH, PCI-DSS, and/or NIST 800-171 is required.
Required License(s) and/or Certification(s):
Global Information Assurance Certification (GIAC), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), and/or Certified Information Systems Auditor (CISA) is highly desired.
We are an equal opportunity/affirmative action employer.