IT Security Analyst
$70,000 - $100,000
We are currently seeking an IT Security Analyst for a direct hire position in Melville, NY.
Our client is a growing healthcare network with over a dozen hospitals under its belt. Specializing in areas such as cancer treatment, women's health, and cardiovascular services, our client presents a great opportunity for all those employed.
- Perform application security reviews, vendor/business associate assessments, threat modeling and vulnerability analysis based on the NIST/HITRUST framework.
- Oversee corrective action plan development, establish remediation priorities, and track status.
- Provide information security subject matter expertise to developers, engineers, and workforce members on information security risk assessments, vulnerability remediation, and threat detection techniques.
- Maintain Information Security policies, standards, and guidelines.
- Develop and maintain security awareness and training materials to reinforce required security controls and address gaps noted in assessments.
- Write technical reports based on security review findings and recommendations.
Bachelor’s Degree in Information Security or Audit or related field required.
Experience & Skills Required
- Minimum of five (5) years progressively responsible information security assessment or audit experience required.
- Thorough knowledge and understanding of current information risk assessment techniques required.
- Working knowledge of IT standards, federal and state compliance regulations, and security frameworks including HIPAA, HITRUST, NIST, ISO 27001, and PCI-DSS required.
- In-depth technical knowledge of Information Security principles and processes and experience writing/maintaining information security policies, standards and guidelines required.
- Attention to detail, excellent writing, documentation, communication, presentation, customer service and interpersonal skills, and the ability to work with all levels of management required.
- Healthcare environment experience preferred.
- Certified in at least one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Security+.
- Global Information Assurance Certification (GIAC) or related certification preferred.