Information Security Analyst

Overview

The Information Security Analyst monitors evaluates and reports on Information Security related events as they pertain to network security, host-based security, application security & other forms of technical security capabilities in order to assess system and enterprise level risk at US Anesthesia Partners (USAP). The primary responsibility of this job is to reduce the exposure of threats to confidentiality, integrity & availability of both critical and supporting computing systems. In addition, this role is responsible to the Information Security Director for conducting and tracking ongoing compliance assessments of the USAP information system and collaborating with system owners and administrators to accomplish remediation tasks. The role will assist in ensuring corporate regulatory compliance, risk remediation and vulnerability management, and maturing business processes. The Information Security Analyst may assist the Information Security Team to conduct reviews of network infrastructure, systems infrastructure, application configurations, and software code reviews. He or she also provides support to the Information Security Team through project management, reporting processes, and technical writing.

The ideal candidate would be familiar with Information Security tools & monitoring them for indicators of compromises of computer systems. The ideal candidate would also be familiar with Information Security regulations and frameworks such as HIPAA and NIST CSF.

Job Highlights

ESSENTIAL DUTIES AND RESPONSIBILITIES:

Security Monitoring, Investigating, and Reporting - Monitor security appliances for Information Security incidents. Investigate and report suspected or known Information Security incidents in accordance with procedures. Threat Intelligence - Researching threat intelligence as it pertains to USAP. Information System Audits and Assessments - Perform audits and assessments of USAP information systems and applications. Operational Support - Work with Information Security Team, IT Department, and rest of Legal and Compliance Division to plan and implement security measures to enhance the overall Information Security posture at USAP. Work with Information Security Manager to develop departmental plans and procedures. Work with Information Security Team to develop monitoring and reporting techniques of Information Security tools.

Qualifications

JOB REQUIREMENTS (Knowledge, Skills and Abilities):

Conducting assessments of systems, infrastructure, and applications in accordance with regulatory laws and frameworks Monitoring security system technology Strong data analysis, both quantitative and qualitative Good reasoning and logic, problem solving skills Self-motivated individual, with ability to work to deadlines Team player with proven ability to build strong cross-business relationships Excellent written and verbal communication skills

EDUCATION/TRAINING/EXPERIENCE: A bachelor's degree or equivalent experience is required Experience working with at least one of the following security frameworks: HIPAA or NIST CSF Information security certifications (Security +, CISSP, CEH, CISA, GIAC, or related certifications) are preferred Experience with system/network administration is a plus Technical writing experience is preferred

PHYSICAL REQUIREMENTS: Requires prolonged sitting, some bending, stooping and stretching Must possess sufficient eye-hand coordination/manual dexterity to operate a keyboard, photocopier, telephone, calculator and other office equipment Required normal range of hearing and eyesight to record, prepare, and communicate appropriate reports and evaluations. Requires lifting papers and boxes weighing up to 35 pounds occasionally Requires dexterity to type at least 35 wpm.

WORKING CONDITIONS (environment and safety): Work performed in office environment Involves frequent contact with professional staff and managed care organizations Work may be stressful at times Interaction with others is frequent and often disruptive

DISCLAIMER: The above job description has been written to indicate the general nature and level of work performed by employees within this classification. It is not written to be inclusive of all duties, responsibilities and qualifications required of employees assigned to this job.

US Anesthesia Partners, Inc. provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, gender identity, sexual orientation, pregnancy, status as a parent, national origin, age, disability (physical or mental), family medical history or genetic information, political affiliation, military service, or other non-merit based factors.