The Cyber Security Analyst is a hands-on role that requires a high level of technical expertise.
The person in this position is responsible for a broad range of tasks, including the day-to-day administration of information security tools and devices, as well as first-level and second-level support for security information and event management (SIEM), Network Monitoring, Intrusion Protection Systems, firewall management, antivirus, audit support, patch management, identity management, and other duties as required.
The individual in this position interacts closely with product vendors and service providers, with personnel from various IT departments — including the application development, operations and network, and privacy teams — and with business departments.
In-depth knowledge of LHC's operating systems and security applications, as well as a working knowledge of basic network protocols and tools, is also required.
Education & Experience
Information Security Experience 2+ years
Baccalaureate degree in health information management or a related information technology field.
Knowledge and understanding of information risks, concepts, principles and industry standards like NIST, HIPAA/HITECH, SOX, etc.
Expert level understanding of security findings and their remediation lifecycle
Knowledge of risk assessment methodologies and technologies
Experience developing, documenting and maintaining security policies, processes, procedures and standards
Experience in project management and change management.
Experience responding to information security incidents
Knowledge of network infrastructure, associate protocols and concepts. Familiarity with the principles of cryptography and cryptanalysis.
Experience in system technology security testing (vulnerability scanning and penetration testing).
Experience in application technology security testing (white box, black box, and code review).
Proficiency in performing risk, business impact, control and vulnerability assessments, and in defining treatment strategies.
Experience deploying, using, monitoring data and network security solutions like: penetration testing, data encryption, patch management, Anti-Virus, Malware Protection, Content Filtering, Data Loss Prevention, Authentication, SIEM, Vulnerability management database management systems.
Good presentation and communication skills.
Professional certification preferred (e.g. GIAC, CISA, CISSP, CISM etc.)
The ability to interact with LHC team members, build strong relationships at all levels and across all lines of business and organizations, and understand business imperatives.
Must be fully vaccinated or be willing to complete full vaccination by date of hire and proof of vaccination will be required. If permitted by state law, the company will consider requests for religious or medical exemptions.