10th July, 2020
The Sr IT Security Analyst is responsible for defining, developing and supporting the security and regulatory compliance for the computing systems. This is accomplished with technical controls, policies, procedures and training/awareness. The Senior IT Security Analyst is also responsible for audit and regulatory compliance related to HIPAA, PCI, FERPA, FISMA, and other regulatory or contractual compliance. Identifies opportunities for process and/or system improvements by partnering with end-users, vendors, and system developers. Provides IT Security related data, analysis, metrics, and reports. Develops strong partnerships with the assigned functional area(s) to fully understand their processes and ensure that security and regulatory compliance are met. Implements manage and maintain security-related technologies.
Apply For Job
EDUCATION/EXPERIENCE: Bachelor’s Degree in Management Information Systems, Computer Science, or related field plus 10 years of experience in IT; 5 years of experience in IT Security; or equivalent combination of education and experience.
LICENSURE, CERTIFICATION, and/or REGISTRATION: CISSP, CISA GCIH, GCFA, CEH preferred
- Design, performs and documents risk assessments to ensure that enterprise data is adequately secured and regulatory compliance is met.
- Performs and documents risk assessments to ensure that confidential data is adequately secured and regulatory compliance is met.
- Reviews contracts and performs security reviews for vendors including HIPAA business associate agreement (BAA)
- Review risk assessment work performed by others
- Provides support for incident response
- Provides technical guidance and takes ownership of issues
- Monitors and advises the team on emerging vulnerabilities, hacking trends.
- Develop, improve, and document security-related configurations and processes including HIPAA, identity management, payment card industry (PCI) security, training and awareness, and other processes as identified.
- Provides Audit, Privacy, legal, and litigation support. Serve as ITS Security point of contact for all audits and security-related activities with other departments.
- Designs, implements and monitors vulnerabilities and vulnerability management systems, and processes. This includes periodic vulnerability assessments, scanning, and remediation.
- Implements and maintains security-relevant applications from vendors. This may include writing scripts and code and creating documentation, reports, process, procedures and policies where appropriate. a. Designs and executes system test plans and conducts functional testing. Ensures software quality assurance standards are achieved and validates that business goals are accomplished.
- Works with other departments within ITS to improve security and general functionality. This can include writing scripts, assisting with configurations, and assisting with general troubleshooting.
- Manages, coordinates, and/or implements security-related projects.
- Internal ITS security consultant for projects to ensure regulatory and other security requirements are met