This is a 6 month engagement for one of our premier clients, with the possibility for hire.
Who is CynergisTek?
CynergisTek is a top-ranked cybersecurity and information management consulting firm dedicated to serving the healthcare industry. CynergisTek offers specialized services and solutions to help organizations achieve privacy, security, compliance, and document output goals. Since 2004, the company has served as a partner to hundreds of healthcare organizations and is dedicated to supporting and educating the industry by contributing to relevant industry associations.
CynergisTek is seeking a Security Analyst to provide support for front-line monitoring and analysis of data feed from various security tools, threat monitoring programs, and risk sources. The IT Security Analyst will be responsible for assimilating data from various feed and help determine if the collection data points are evidence of a direct attack or a rogue actor attempting to find vulnerabilities in the system.
What You Will Do
Perform regular vulnerability scanning, penetration testing, and security assessments in support of customer and compliance requirements.
Aligns security requirements with ongoing project level work and leads project management, coordination of security-focused efforts.
Work with IT PMO and Infrastructure/Application teams to ensure security requirements are in place and practiced
Lead investigation of suspected security incidents and alerts escalated from junior team members and the SOC.
Analyze security breaches to determine their root cause.
Manage and administer vulnerability scanning, incident response tracking, and other security software/systems.
Protect data and information systems against unauthorized access, modification or destruction.
Maintain metrics and prepares reports as directed by senior team members.
Perform acceptance testing of systems prior to production use.
Participate in the evaluation and testing of security solutions and services.
Provide on-call support on security issues during non-business hours may be required.
Who We Are Looking For
Bachelor's degree in a computer-related field preferred, or equivalent experience.
2 years of technical IT experience AND 3-5 years of information security experience.
Security certifications are a plus, for example: CEH, GCIH, GCIA or CISSP.
Experience interpreting vulnerability scans, determining appropriate remediation procedures, communicating them to system owners, and maintaining metrics.
Demonstrated Incident Response leadership and investigation skills.
Functional knowledge of network packet captures and analysis of them to support incident forensics.
Functional knowledge of Windows server and desktop operating systems.
Experience designing and implementing security solutions for Windows, Macintosh, and Linux technologies.
Understanding of mobile device security issues and management or remediation solutions.
ABOVE AND BEYOND
Certifications that are a plus, but not required: OSCP, GPEN or GCFE/GCFA.
Penetration testing (red team) skills.
Experience managing Linux distributions and security tools developed for them.
Experience using scripting languages to automate security functions and reporting.
Experience programming PHP, Java, Perl, Python, C++, C# or .NET
Experience with secure coding requirements such as OWASP top ten.
Information Security experience in Healthcare. Knowledge of healthcare specific regulations and frameworks such as HIPAA security, HiTech, or HiTrust.
Why Join Us?