Information Security Analyst
Click the Facebook, Google+ or LinkedIn icons to share this job with your friends or contacts. Click the Twitter icon to tweet this job to your followers. Click the link button to view the URL of the job, which then can be copied and pasted into an e-mail or other document.
Portland, ME 04104
MPHC is seeking two, entry-level, information security analysts to join our growing IT Security Team! Work history in an IT healthcare setting is highly desirable. Should you meet the job requirements below, please submit an application today for immediate consideration!
The successful candidate will assist in the development and implementation of the Information Security program. The Information Security Analyst will be a key contributor in developing security policies, monitoring and analyzing traffic and logs, and assist in protecting the organization’s IT systems and software from malicious activity and technology breaches. With general guidance and coaching, participates in and perform security risk assessments, perform and analyze vulnerability scans, work with others in IT and the business to remediate and eliminate risks. The Information Security Analyst is responsible for providing expert technical knowledge, standards development, program development, risk assessment, reporting, and awareness education related to information security.
Monitors SIEM, IDS/IPS, endpoint protections, and identity management solutions
Monitor and audit information systems, networks, and databases to identify and isolate occurrences of unauthorized activity; prepares and coordinates corrective actions
Conducts security assessments and audits, penetration testing, IT forensic investigations and incident management
Perform and/or coordinate regular security assessments of existing or new infrastructure or applications
Coordinate response to information security incidents and threats
Assess, manage, and coordinate information and cyber vulnerabilities throughout the organization
Has a thorough understanding of the latest security exploits and how to prevent or detect them
Develops, defines, reviews and enforces information security policy, standards and guidelines for business operations and technology implementations
Proactively identifies information and IT security risks including IT technical implementations or business processes
Coordinates group-wide and company-wide information security matters such as incident response, intrusion detection management, and cyber security advisories
Proactively monitors and reports on internal and external threats
Assist with the creation of the long-term information security roadmap
Participate in the rotating “on call” schedule with other members of the team for providing support to the business and partners
Performs other duties as assigned
B.S. or B.A. degree in MIS, CIS, CS, or equivalent combination of education and experience
3-5 years experience with and combinations of information security methodologies, risk assessments, business continuity, policy and technical reporting writing, information security technologies, security monitoring, incident response, open source technologies, and various operating systems
Healthcare experience and familiarity with HIPAA/HITECH, PCI-DSS, NIST 800-171, and NIST 800-53 is highly desirable
Required License(s) and/or Certification(s):
Global Information Assurance Certification (GIAC), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), Certified Information Systems Auditor (CISA), and/or Certified in Risk and Information Controls (CRISC) is a plus.
We are an equal opportunity/affirmative action employer.