Information Security Analyst

As an Information Security Analyst you will:
Develop plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency data processing needs.
Review violations of computer security procedures and discuss procedures with violators to ensure violations are not repeated.
Plan, implement and upgrade security measures and controls.
Establish plans and protocols to protect digital files and information systems against unauthorized access, modification and destruction.
Maintain data and monitor security access.
Perform vulnerability testing, risk analyses and security assessments.
Perform risk assessments and execute tests of the data processing system to ensure the functioning of data processing activities and security measures.
Conduct internal security audits.
Anticipate security alerts, incidents, and disasters and reduce their likelihood.
Collaborate technically with the infrastructure team to manage the network, intrusion detection, prevention systems and encryption measures.
Analyze security breaches to determine the root cause.
Recommend and install appropriate tools and countermeasures.
Define, implement, and maintain corporate security policies.
Collaborate with the appropriate BWW areas to train fellow employees in security awareness and procedures.
Coordinate security plans with outside vendors.
Respond to eDiscovery, data collection queries, and digital forensics requests.
Work an on-call rotating schedule outside the regular schedule on a rotating basis.
Maintain and protect sensitive and private information by keeping employee records confidential in accordance with HIPAA, local, state and federal laws and regulations.
Ensures that PHI/ePHI of employees, plan participants, patients, and other assigned individuals are maintained and transmitted securely and legally.
Perform all work safely in accordance with established safety policies and procedures. Comply with all safety and health standards and guidelines issued by management.
Perform other duties as assigned.
PHYSICAL DEMANDS:

Ability to stand, walk or sit for extended periods
Reaching by excreting hand(s) or arms(s) in any direction
Finger dexterity is required to manipulate objects with fingers rather than with whole hand(s) or arm(s), for example, using a keyboard
Communication skills using the spoken word
Ability to see within normal parameters
Ability to hear within normal parameters
Ability to move about
Ability to lift 25 pounds
WORKING ENVIRONMENT:

Moderate noise (business office)
Night and weekend hours as needed
Exposed to cold temperatures in the data center
Occasionally visit job sites, in plants and outdoors, exposed to extreme hot/cold/wet weather conditions
The ideal candidate will have:
Penetration testing and vulnerability testing & remediation
Anti-virus and anti-malware
TCP/IP, computer networking, routing and switching
Firewalls, proxies, IDS, IPS, and security appliances
Windows and Linux operating systems
Network protocols and packet analysis tools
Comprehension of development & scripting languages (C#, VB, Python, C, .NET)
Cloud computing
SaaS models
Security Information and Event Management (SIEM), Log analysis, Event collection & correlation
Incident response and handling
Technical writing
CEH Certified Ethical Hacker
ECSA EC-Council Certified Security Analyst
GSEC/GCIH/GCIA/GIAC Security Certifications
CISSP Certified Information Systems Security Professional