Job Description :
Title : IT Security Analyst III
This position is a lead security analyst within IT Security Governance.
Responsibilities:
· Review and recommend FireWall change requests
· Monitor and escalate as appropriate intrusion detections
· Review security related application incidents and notify application owners and IT Security Governance
· Review and approve access requests (RFP''s)
· Provide Role Based Access Control (RBAC) to individual users and perform recertification based on segregation of duties and roles
· Maps work flows in provisioning users into our systems and infrastructure
· Comply with internal and external audit requests
· Monitor the effectiveness of the Enterprise wide information security program
· Provide data for audit indicating changes made to access control lists to facilitate audits and other investigations
· Participate in investigating possible security violations
· Track and maintain operational security access metrics
· Document and create work flow diagrams showing the production of, transmission and use of electronic Protected Health Information (ePHI) and other sensitive information
· Provide guidance and direction regarding security control elements in policies throughout the organization
· Understand relevant business processes and their implications on information security
· Maintain information security risk identification, tracking and mitigation processes
· Provide input to the information security awareness, training and education program
· Assist in development of accurate and relevant information security process and operational metrics
· Assist in defining monitoring measures to detect and ensure correction of security breaches and policy violations
· Proactively keep current on information security issues related to business processes as input into departmental policies and procedures
· Monitor the effectiveness of the Enterprise wide information security program
Knowledge/Skills:
· Requires a solid understanding of IT security concepts with an emphasis on Security and Risk Assessment
· Requires solid knowledge of IT and computer systems
· Requires a solid understanding of internal and external audit process
· Requires broad understanding of Public Key Infrastructure (PKI), encryption, network security controls tools and functionalities
· Requires familiarity with HIPAA security rules and National Institute of Standards and Technology (NIST) standards
· Requires familiarity with Identity Management (IDM) concepts
· Requires strong analytical thinking skills
· Requires excellent verbal and written communication skills
· Requires excellent interpersonal skills and the ability to work effectively with others as a team
· Requires excellent PC skills and demonstrated proficiency with MS Office Suite
· Requires the ability to handle multiple tasks and prioritize effectively
Education/Experience:
· Requires Bachelor''s degree, preferably in Computer Science, from an accredited college or university
· Prefers advanced degree in Information Security, Computer Science or related field
· 4-6 years prior IT security related work experience
· Prefers CISSP, SANS or GIAC certification