Our client, a popular non-profit organization with a goal of improving healthcare by facilitating the use of innovative technologies, is looking to hire an extremely bright Information Security Analyst/Engineer! This is a full-time permanent opportunity based onsite in Albany, NY.
The company leads a network connecting thousands of healthcare providers, develops policies and standards that support the use of health technologies, and assists healthcare providers in adopting and using electronic health records.
If you are passionate about Cyber Security and would like to join the digital health revolution, you are encouraged to apply!
You will research processes and technologies, and provide recommendations for improvement to ensure the cybersecurity program aligns effectively with the business objectives of the company. You will provide support and recommendations to ensure adequate security and management of risk for NYeC’s systems and environment as well as the SHIN-NY enterprise.
You will act as liaison between the CISO and external vendors and consultants providing various information security services to the organization. This role will also work with the core Information Technology (IT) team to assist in ensuring current security controls in place are effective and identify any gaps and work with the IT team to ensure the appropriate controls are implemented to address cybersecurity risk gaps.
You are ideally fully-hands on and get involved in more than just risk and compliance!
- Bachelor’s degree in Information Technology or Information Security or a related field
- Advanced Degree and/or active IT Security Certifications would be outstanding!
- 4+ years of information security and information technology administration experience required
- Demonstrated experience in leading a number of security assessments, interpreting results and recommending those weaknesses that require remediation, and understanding how to verify that vulnerabilities have been closed after remediation
- Demonstrated ability to design and administer configuration for common network and security devices (firewalls, routers, switches, intrusion detection/prevention, log management)
- Knowledge of current security technologies and controls (Microsoft Azure, SIEM tools, Firewalls, IDS, IPS) and ability to research and remain current with emerging technologies, controls and best practices
- Demonstrated ability to identify risks within an information security program and assist in developing mitigation plans and actions
- Familiarity with implementing regulatory requirements, cybersecurity industry frameworks and standards (HITRUST, HIPAA, MARS-E, FFIEC, NIST, CIS 20 critical controls, PCI-DSS, ISO 27001)
- Comfortable delivering presentations and making recommendations based on research and best practice to senior leadership