$80K — $100K *
The Cyber Security Analyst participates in establishing and maintaining the corporate-wide Cyber Security program to ensure information assets are adequately protected. The Cyber Security Analyst is responsible for ensuring the confidentiality, integrity, and availability of companywide security devices. With oversight from the Cyber Security Operations Manager, the Cyber Security Analyst will actively participate in supporting security assessments of systems to identify vulnerabilities, remediation strategies, and assisting system owners in implementing effective safeguards. The Analyst will participate and support incident response activities, analysis, remediation, mitigation, and assist with lessons learned activities.
• Provides input to and maintains Hoag Cyber Security policies, procedures, standards and guidance consistent with Hoag and regulatory requirements.
• Participates in operations of Cyber Security components such as firewalls, VPN, DLP, end point protection, Security Information and Event Management (SIEM), Threat and Vulnerability Management, Web Application Firewalls (WAF), Intrusion Detection/Prevention Systems, Big Data Platforms, and Cloud Security solutions.
• Partners internally and externally to make effective business decisions.
• Adapts to competing demands and new responsibilities.
• Works across teams and/or multiple stakeholders (internal and/or external) to ensure deliverables are complete within specified required timeframes
• Supports in the development of Hoag Cyber Security strategies at the direction of the Chief Information Security Officer.
• Participates and provides support for Cyber Security Incident Response activities.
• Provides Cyber Security analytical support to assigned project teams.
Job Specific Essential Functions:
• Supports and participates in the operations and optimization of all Cyber Security hardware and software.
• Analyzes security events and incidents.
• Adheres to plans, objectives, scope, schedules, and initiatives.
• Provides analyses for cyber security initiatives and operations.
• Performs ad hoc testing at the direction of leadership to assist with incident response and vulnerability remediation.
• Tests security controls (technical, operational, managerial) to determine alignment against regulatory requirements (e.g., NIST CSF, HIPAA, HITRUST, PCI).
• Provides input to documentation for remediation and participates in developing corrective action plans following assessment activities in response to identified vulnerabilities.
• Performs operations of Cyber Security technologies that supports the security of information and systems, including but not limited to:
o Intrusion Prevention Systems
o Access Control
o Network Security
o Malware Prevention
o Data Loss Prevention
• Identifies issues, areas for improvement, gaps, and provides suggestions for appropriate improvements.
• Clinical Care: Ensure that quality patient care is delivered to all patients on a 24-hour basis, and the unit is maintained in accordance with professional and regulatory standards and the philosophy and goals of Hoag.
• Position may require local travel between various locations.
• Position requires participation in a 24/7 department. Position may require participating in meetings outside of normal business hours and/or alternate shifts including occasional evenings and/or weekends.
• Performs other duties as assigned.
Education, Training and Experience
• Bachelor's degree in Cyber Security, Computer Science, Computer Information Systems, Engineering, Business, or related technical field.
• A minimum of four to seven (4-7) years of business/industry experience. Additional equivalent work experience may be substituted for the degree requirement.
• Experience with cyber security tools, process, methodologies and frameworks.
• Experience working in Cyber Security Operations.
• Master’s degree in cyber security, Computer Science, Computer Information Systems, Cyber Security, Cyber Forensics, Engineering, Business, or related technical field.
• Two to four (2-4) years with Cyber Security operations.
• Two to four (2-4) years translating business requirements and priorities into cyber security standards.
• Two to four (2-4) years of work experience in vulnerability assessment and/or penetration testing, digital forensics, or incident response.
• Experience in a hospital or health care related organization of similar size and complexity.
Skills or Other Qualifications
• Strong analytical, statistical, systems, technology, and cyber security knowledge.
• Experience with health care or regulatory mandates and information management.
• Strong leadership and communication skills required – oral, written and presentation.
• Ability to effectively interact with multiple business units, partners, and external entities.
• Exceptional client service focus and/or ability.
Valid through: 5/18/2021