Cyber Security Senior Analyst

US-RI-Smithfield
Req No.
2017-7907
Department
Information Sec and Risk Mgmt
Type
Regular Full-Time
Category
IT/Operations

Overview

This position is responsible for managing, maintaining and executing the cyber security vulnerability management program. In this hands-on role, he\she will manage day-to-day security administration tasks such as log reviews, intrusion alert reviews, vulnerability scans, and stay up-to-date on the latest intelligence, including hackers’ methodologies, in order to mitigate security incidents. In addition, he/she will work with stakeholders to remediate identified vulnerabilities within timelines developed based on industry best practice and regulatory guidelines. He\She will also assist with building and reporting metrics regarding the program effectiveness.

 

This role will serve as a subject matter expert who provides specific strategies to protect computer systems, networks and data. Will also be responsible for conducting risk assessments and make recommendations to ensure organization security controls meet regulatory controls as well as industry best practice guidelines.

Responsibilities

  • Respond to intrusion detection / intrusion prevention alerts from outsourced Security Operations Center (SOC)
  • Conduct proper review and follow-up for potential threats based on log monitoring results from outsourced security service
  • Perform Information Security risk assessments and execute tests of data processing systems to ensure functioning of security measures; examples: HIPAA/HITECH compliance assessment, Role Based Access audit
  • Gather and research risk control deficiencies and work with Enterprise Risk Management to accurately record in a risk register and assign prioritization
  • Coordinate and participate in Information Security penetration tests
  • Manage internal information security scanning tools such as Qualys and perform regular assessments
  • Coordinate remediation efforts associated with the results of penetration tests and vulnerability assessments
  • Review and revise Security Incident Response plans as needed
  • Evaluate and implement security solutions
  • Support audit requests
  • Perform security permissions administration audits (Periodic Access Review)
  • Assist with annual review of Information Security policies, standards and procedures
  • Other related duties as assigned
  • Corporate Compliance Responsibility - As an essential function, responsible for complying with Neighborhood’s Corporate Compliance Program, Standards of Business Conduct, applicable contracts, laws, rules and regulations, policies, and procedures as it applies to individual job duties, the department and  the Company. This position must exercise due diligence to prevent, detect, and report unlawful and/or unethical conduct by fellow co-workers, professional affiliates and/or agents.

Qualifications

Required:

  • Hands-on security professional
  • Five (5)+ years’ experience in Information Security and Vulnerability Management
  • Bachelor’s degree in Cyber Security (or) related degree and experience
  • Developing and managing penetration testing and vulnerability scan programs and associated tools experience
  • Developing and implementing remediation strategies to safeguard computers, networks and regulated data experience
  • Managing risk scoring methodologies to establish risk scores against risk appetite experience
  • Overseeing adherence to remediation efforts by internal IT staff and business line owners experience
  • Performing Information Security/Information Technology risk assessments experience
  • Ability to effectively prioritize and execute tasks in a high-pressure environment
  • Ability to manage multiple work streams simultaneously
  • Strong verbal and written communications skills
  • Excellent Customer service skills

Preferred:

  • Mentoring junior staff experience
  • Firewall ruleset management review experience
  • GRC tools such as Archer, Compliance 360 etc. experience
  • Health Care experience
  • CISSP, CISM or GIAC certifications
  • Familiarity with regulatory controls and industry best practices such as HIPAA, ISO27001/2, PCI, HiTrust, NIST etc.)

Neighborhood is an Affirmative Action and Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, national origin, genetic information, age, disability, veteran status or any other legally protected basis. 

Neighborhood is committed to ensuring individuals with disabilities and/or those who have special needs participate in the workforce and are afforded equal opportunity to apply for jobs. If you would like to contact us regarding the accessibility of our Website or need assistance completing the application process, please contact us at recruiting@nhpri.org

 

Neighborhood is an EOE M/F/D/V and an E-Verify Employer

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed