Job Description :
Position Comments

Job Title: Information Security Analyst


Job Description
Job Title: Information Security Analyst
This position is an intermediate security analyst within IT Security Governance

Responsibilities:
Coordinate handling of application and platform securty exception requests
Review tickets for proxy, desktop technologies and Active Directory GPOs
Review security related application incidents
Provide Role Based Access Control (RBAC) to individual users and perform recertification based on segregation of duties and roles
Review security standards for Windows and Linux OS
Comply with internal and external audit requests
Monitor the effectiveness of the Enterprise wide information security program
Provide data for audit indicating changes made to access control lists to facilitate audits and other investigations
Participate in investigating possible security violations
Track and maintain security governance metrics
Document and create work flow diagrams showing the production of, transmission and use of electronic Protected Health Information (ePHI) and other sensitive information
Provide guidance and direction regarding security control elements in policies throughout the organization
Understand relevant business processes and their implications on information security
Maintain information security risk identification, tracking and mitigation processes
Provide input to the information security awareness, training and education program
Assist in development of accurate and relevant information security process and operational metrics
Assist in defining monitoring measures to detect and ensure correction of security breaches and policy violations
Proactively keep current on information security issues related to business processes as input into departmental policies and procedures

Knowledge/Skills:
Requires a solid understanding of IT security concepts with an emphasis on Security and Risk Assessment
Requires solid knowledge of IT and computer systems
Requires a solid understanding of internal and external audit process
Requires broad understanding of Public Key Infrastructure (PKI), encryption, network security controls tools and functionalities
Requires familiarity with HIPAA security rules and National Institute of Standards and Technology (NIST) standards
Requires familiarity with cloud security
Requires strong analytical thinking skills
Requires excellent verbal and written communication skills
Requires excellent interpersonal skills and the ability to work effectively with others as a team
Requires excellent PC skills and demonstrated proficiency with MS Office Suite
Requires the ability to handle multiple tasks and prioritize effectively

Education/Experience:
Requires Bachelor''s degree, preferably in Computer Science, from an accredited college or university
Prefers advanced degree in Information Security, Computer Science or related field
4-6 years prior IT security related work experience
Prefers CISSP, SANS or GIAC certification