Information Security Analyst

Martin's Point Health Care Portland , ME 04101

Posted 2 months ago

Join Martin's Point Health Care - an innovative, not-for-profit health care organization offering care and coverage to the people of Maine and beyond. As a joined force of "people caring for people," Martin's Point employees are on a mission to transform our health care system while creating a healthier community. Martin's Point employees enjoy an organizational culture of trust and respect, where our values - taking care of ourselves and others, continuous learning, helping each other, and having fun - are brought to life every day. Join us and find out for yourself why Martin's Point has been certified as a "Great Place to Work" since 2015.

Position Summary

This a great opportunity to join one of the best IT Security Teams in ME! Don't wait to apply, this position will be filled quickly. Apply today for an immediate review of your application!

Job Description

Position Summary:

The successful candidate will assist in the development and implementation of the Information Security program. The Information Security Analyst will be a key contributor in developing security policies, monitoring and analyzing traffic and logs, and assist in protecting the organization's IT systems and software from malicious activity and technology breaches. With general guidance and coaching, participates in perform security risk assessments, perform and analyze vulnerability scans, work with others in IT and the business to remediate and eliminate risks. The Information Security Analyst is responsible for providing expert technical knowledge, standards development, program development, risk assessment, reporting, and awareness education related to information security.

Key Outcomes:

  • Monitors SIEM, IDS/IPS, endpoint protections, and identity management solutions.

  • Monitors and audits information systems, networks, and databases to identify and isolate occurrences of unauthorized activity; prepares and coordinates corrective actions.

  • Conducts security assessments and audits, penetration testing, IT forensic investigations and incident management.

  • Performs and/or coordinates regular security assessments of existing or new infrastructure or applications.

  • Coordinates response to information security incidents and threats.

  • Assesses, manages, and coordinates information and cyber vulnerabilities throughout the organization.

  • Has a thorough understanding of the latest security exploits and how to prevent or detect them.

  • Develops, defines, reviews and enforces information security policy, standards and guidelines for business operations and technology implementations.

  • Proactively identifies information and IT security risks including IT technical implementations or business processes.

  • Coordinates group-wide and company-wide information security matters such as incident response, intrusion detection management, and cyber security advisories.

Education/Experience:

  • B.S. or B.A. degree in CIS, CS, Business Administration, or similar, or combination of equivalent education and experience.

  • 3-5 years experience with information security technologies, security monitoring, incident response, open source technologies, and various operating systems.

  • Healthcare experience and familiarity with HIPAA/HITECH, PCI-DSS, and NIST 800-53 is highly desirable.

  • In compliance with MPHC's Department of Defense government contract, any/all persons hired for this position will need to verify their US citizenship and complete the required employment eligibility verification upon hire.

Required License(s) and/or Certification(s):

  • Global Information Assurance Certification (GIAC), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), and/or Certified Information Systems Auditor (CISA) is a plus.

We are an equal opportunity/affirmative action employer.

Do you have a question about careers at Martin's Point Health Care? Contact us at: jobinquiries@martinspoint.org

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Information Security Analyst

Wipfli LLP

Posted 6 months ago

VIEW JOBS 5/19/2021 12:00:00 AM 2021-08-17T00:00 At Wipfli, people count Our people are core to everything we do - the catalyst behind our ability to create exceptional impact and extraordinary results. We believe in flexibility. We focus on relationships. We encourage each individual to follow their own path. And we seek feedback openly, from all. People matter here and they feel it. And we value curiosity. Curious is more than a personality trait. It's a way of thinking. Of learning. Of working. There's purpose in this wonder. It makes us better. It makes us Wipfli. If you want to be in an environment where you can make a difference - and make a professional home - Wipfli is the place for you. Check out our Glassdoor Reviews to hear what people are saying about employment at Wipfli! Responsibilities: The ideal candidate will operate in one or more of the following cybersecurity disciplines: Threat Hunting: Increase the firm's ability to detect attacks by participating in the Security Operations function via threat hunting and investigations. * Build and execute threat hunting use cases using SIEM, data analytics, and other capabilities within the firm's security tech stack. * Improve the firm's ability to protectively detect threats by helping to build SIEM alerting and other content. * Conduct investigations into possible threat actor or otherwise suspicious activity. Cyber Threat Intelligence: Improve the firm's ability to actualize threat intelligence by processing threat intelligence reports, tracking relevant and observed threat actor behavior, and provide mitigation and other guidance. * Review relevant threat intelligence reports and provide actionable recommendations. * Use firm's Threat Intelligence Platform to manage observed threat actor behavior and indicators of compromise. * Provide use case guidance for both threat hunting and red/purple team engagements based on relevant threat information. Penetration Testing and Vulnerability Assessments: Help prevent security incidents by identifying, reporting, and tracking the remediation status of security vulnerabilities, control failures, and other relevant issues by performing penetration tests and other assessments of services, products, infrastructure, and environments. * Identify exploitable vulnerabilities and simulate real world attack scenarios by performing penetration tests and other assessments of services, products, infrastructure, and environments. * Perform product security assessments as apart of due diligence efforts. * Conduct Web App Assessments against custom and COTS applications. * Review and report on the results of regular internal and external vulnerability scans. Work with other Firm departments, such as the Internal Information Technology team, to ensure identified vulnerabilities are resolved in a timely manner. Qualifications: * Associates Degree in Information Technology/Security or equivalent work experience * Related experience in one or more the previously noted cybersecurity disciplines. * Strong sense of curiosity and a perpetual learner * Strong understanding of threat actor TTPs and the MITRE ATT&CK framework. * Scripting using languages such as Python, Ruby, Perl, PowerShell, Java, or VBScript. * Strong communication skills (written and verbal). * Technology: * Kusto Query Language and KQL based security tools * Metasploit, Kali Linux, Nesses, IP360, Burp Suite, Cobalt Strike, and Nmap * Endpoint Detection and Response * SIEM Our recruiting team will guide you through our evaluation and interviewing process. We will communicate an update on your status as soon as possible. The recruiting team member guiding you through this process is Jane Welch, and you can find her on LinkedIN Here. She is based in our Madison, WI office and looks forward to guiding you through this process. Wipfli is an equal opportunity/affirmative action employer. All candidates will receive consideration for employment without regards to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability, or any other characteristics protected by federal, state, or local laws. Wipfli LLP South Portland ME

Information Security Analyst

Martin's Point Health Care