Senior Information Security Analyst

The Sr Information Security Analyst is responsible for monitoring and analyzing the Point32Health information security environment, investigating suspicious activity and suspected security incidents, and developing security measures to safeguard the confidentiality, integrity, and availability of corporate information and data. In this role you will be expected to work independently with minimal direction under the guidance of senior staff. Reporting to the Cybersecurity Manager – Threat Management, the Sr Information Security Analyst will work closely with other cybersecurity and IT teams to protect the Point32Health environment.

Key Responsibilities/Duties – what you will be doing

• Monitor security systems to identify potential security events and conduct investigations to assess impact and root causes.
• Communicate potential security exposures, misuse, or noncompliance to appropriate managers, and capture and report security metrics.
• Monitor cybersecurity trends and changes in the threat landscape, and assess potential uses of new technologies to meet evolving threat group tactics, techniques, and procedures.
• Analyze business requirements and risks to technology implementation for security-related issues.
• Support skills development of more junior team members and engage in mentoring where appropriate.
• Develop, test, and deploy security monitoring and alerting capabilities according to defined security use cases.
• Document and ensure accuracy of security operations procedures.
• Support audit activities, both internal and external as required.
• Lead issue-specific project/taskforce teams with responsibility for completion of all assigned project-related tasks.
• Train information owners in the implementation of necessary security controls by developing and presenting information security awareness.
• Work collaboratively across cybersecurity and technology teams to address identified shortcomings, discover improvements, and enhance the collective knowledge and capability of Point32Health’s technology-focused teams.

Qualifications – what you need to perform the job

Education, Certification and Licensure

• Bachelor’s degree in computer science, cybersecurity, or equivalent experience.
• At least one cybersecurity-related certification (e.g., GCIH, GCFA, CISSP)

Experience (minimum years required):

• Minimum 5 – 7 years in a real time cybersecurity operations setting, preferably in healthcare, financial services, or government/law enforcement.

Required Skills & Abilities

• Strong analytical and critical thinking skills, capable of conducting investigations independently through their logical conclusions.
• Familiarity with operating system fundamentals, networking concepts, and cybersecurity principles.
• Significant experience using Microsoft security tool suite.
• Successful record of conducting incident response investigations, including principles of evidence, investigative objectivity and comprehensiveness, and a keen eye for detail.
• Excellent written and oral communications skills, with the ability to convey complex concepts to both technical and non-technical audiences.
• Specific working knowledge of and experience in the following areas:
  • Cloud security
  • Active Directory
  • Vulnerability scanning and management
  • Intrusion Detection/Prevention System
  • Virus & malware protection
  • Advanced Threat Protection
  • Data Loss Prevention
  • Microsoft Office365
  • Security Information and Event Management (SIEM)
  • Windows and UNIX operating system environments

Desired Skills & Abilities

• Experience with forensics and eDiscovery activities and tools.
• Threat intelligence principles, including experience with threat intelligence platforms and IOC management.

Commitment to Diversity, Equity & Inclusion

Point32Health is committed to making diversity, equity, and inclusion part of everything we do—from product design to the workforce driving that innovation. Our DEI strategy is deeply connected to our core values and will evolve as the changing nature of work shifts. Programming, events, and an inclusion infrastructure play a role in how we spread cultural awareness, train people leaders on engaging with their teams and provide parameters on how to recruit and retain talented and dynamic talent. We welcome all applicants and qualified individuals, who will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Who We Are

Point32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and expertise to help people find their version of healthier living through a broad range of health plans and tools that make navigating health and wellbeing easier.

We enjoy the inportant work we do every day in service to our members, partners, colleagues and communities.

This job has been posted by Ignyte AI on behalf of Point32Health. Ignyte AI is committed to the fundamental principle of equal opportunity and equal treatment for every prospective and current employee. It is the policy of Ignyte AI not to discriminate based on race, color, national or ethnic origin, ancestry, age, religion, creed, disability, sex and gender, sexual orientation, gender identity and/or expression, military or veteran status, or any other characteristic protected under applicable federal, state or local law.

Req ID: R8090