Information Security Analyst Job – Job #1569701
Lucas Group is working with a cutting-edge organization that is changing the healthcare industry by collaborating with the state to make health care information accessible across all providers.
The Information Security Analyst will research processes and technologies, and provide recommendations for improvement to ensure the cyber security program aligns effectively with the business objectives of our client. This role will be responsible for providing research, support and recommendations to ensure adequate security and management of risk for the client’s systems and environment. The individual will act as liaison between the client and external vendors and consultants providing various information security services. This role will also work with the core Information Technology (IT) team to assist in ensuring current security controls in place are effective and identify any gaps and work with the IT team to ensure the appropriate controls are implemented to address cyber security risk gaps.
- Bachelor’s degree in Information Technology or Information Security, 3-5 years of information security and information technology administration experience or equivalent required. Advanced degree in relevant field of study such as Business Administration, Information Security, IT, or related field preferred;
- Must have prior experience playing a key role in a cyber security program;
- Ability to research and draft information security policies and procedures, and recommend new information security technologies for implementation;
- Effective communicator (oral and written) and comfortable delivering presentations and making recommendations based on research and best practice to senior leadership;
- Demonstrated ability to identify risks within an information security program and assist in developing mitigation plans and actions;
- Familiarity with implementing regulatory requirements, cyber security industry frameworks and standards (HITRUST, HIPAA, MARS-E, FFIEC, NIST, CIS 20 critical controls, PCI-DSS, ISO 27001, etc. );
- Knowledge of current security technologies and controls (Microsoft Azure, SIEM tools, Firewalls, IDS, IPS) and ability to research and remain current with emergeing technologies, controls and best practices;
- Excellent analytical and problem-solving abilities to identify and recommend solutions for security risks;
- Ability to build understanding and awareness of security issues throughout the organization;
- Ability to effectively work as part of a team to develop security solutions in collaboration with core information technology team;
- Must have the ability to be available after hours as needed