Job Description

IT Security Analyst

  • Ref: 283093
  • Type: Direct Hire
  • Location: Melville, NY
  • Industry: Hospitals
  • Job Level: Associate
  • Pay: $70,000 - $100,000

Opportunity Description

We are currently seeking an IT Security Analyst for a direct hire position in Melville, NY.

Company Information

Our client is a growing healthcare network with over a dozen hospitals under its belt. Specializing in areas such as cancer treatment, women's health, and cardiovascular services, our client presents a great opportunity for all those employed.

Job Duties

  • Perform application security reviews, vendor/business associate assessments, threat modeling and vulnerability analysis based on the NIST/HITRUST framework.
  • Oversee corrective action plan development, establish remediation priorities, and track status.
  • Provide information security subject matter expertise to developers, engineers, and workforce members on information security risk assessments, vulnerability remediation, and threat detection techniques.
  • Maintain Information Security policies, standards, and guidelines.
  • Develop and maintain security awareness and training materials to reinforce required security controls and address gaps noted in assessments.
  • Write technical reports based on security review findings and recommendations.

Education

Bachelor’s Degree in Information Security or Audit or related field required.

Experience & Skills Required

  • Minimum of five (5) years of progressively responsible information security assessment or audit experience required.
  • Thorough knowledge and understanding of current information risk assessment techniques required.
  • Working knowledge of IT standards, federal and state compliance regulations, and security frameworks including HIPAA, HITRUST, NIST, ISO27001, and PCI-DSS required.
  • In-depth technical knowledge of Information Security principles and processes and experience writing/maintaining information security policies, standards and guidelines required.
  • Attention to detail, excellent writing, documentation, communication, presentation, customer service and interpersonal skills, and the ability to work with all levels of management required.
  • Healthcare environment preferred.
  • Certified in at least one of the following: Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), Security+.
  • Global Information Assurance Certification (GIAC) or related certification, preferred.