Fallon Health Information Security Analyst - Growing Healthcare Organization - Remote Opportunity in Worcester, Massachusetts
About Fallon Health
Founded in 1977, Fallon Health is a leading health care services organization that supports the diverse and changing needs of those we serve. In addition to offering innovative health insurance solutions and a variety of Medicaid and Medicare products, we excel in creating unique health care programs and services that provide coordinated, integrated care for seniors and individuals with complex health needs. Fallon has consistently ranked among the nation’s top health plans, and is accredited by the National Committee for Quality Assurance for its HMO, Medicare Advantage and Medicaid products. For more information, visit fallonhealth.org.
Brief Summary of Purpose:
The Information Security Analyst works under the guidance and direction of the Manager, Information Technology Security and Risk and is responsible for initial receipt of escalated support calls related to security, participating in cyber security incident response, network monitoring, understanding application exploitation techniques, and providing a strategy to mitigate risk while maintaining intrusion containment. In addition, this position will be tasked with proactive vulnerability assessment, threat detection, forensic investigation support, and will support systems development and deployment with security best practices.
Working closely with a small, highly-skilled, dynamic team that loves to knowledge-share and is very collaborative
Constantly learning new security skills and tools
Reviewing our potential vendors and their security programs to ensure there’s minimal security risk in bringing them on-board
Facilitating and leading access review campaigns, engaging with various levels of the business to perform their work
Helping to bring our security program to the next level!
Evaluate internal and vendor supplied solutions and services for security risks (e.g. SOC2 reports)
Coordinate access reviews
Perform regular and ad-hoc vulnerability and penetration assessments
Prepare written analyses of assessments for risk and senior IT management teams
Help with automation of security assessment practices
Conduct and coordinate application compliance assessments
Review security event logs, alerts and industry threats, escalating to engineers and management when needed
Act escalation point for security administration team with regard to operational security tasks
Stay knowledgeable of current advances in all areas of information technology concerning vulnerabilities, security breaches or malicious attacks
Assist in forensic investigation and incident handling efforts when required
Participate in software, hardware, and cloud technology implementation as security advisor
Maintain inventory and software baseline of workstations and servers to ensure compliance with patching and security policy
Associate or Bachelor’s degree in Information Technology field (dependent upon experience)
CISSP, GCIA, or CISA preferred
Minimum 3 years’ experience in information security, information technology or related field
Working knowledge of information security risk remediation.
Experience in security aspects of multiple platforms, operating systems, software, communications, and network protocols
Must be highly skilled and proficient in problem solving, with an aptitude and willingness to learn new technologies
Ability to research, review, identify and articulate the potential impact of new or revised technologies or processes on the organization's security posture
Strong written and oral communication skills
The ability to communicate effectively (clear, concise and professionally) with customers, team members and upper management
Demonstrated sound judgment and integrity
Knowledge of and experience with the NIST Cybersecurity Framework, HIPAA, and PCI-DSS
Ability to work collaboratively with a broad range of constituencies.
Previous network and server administration experience preferred
Fallon Health provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.
Posted Date 2 months ago (8/24/2021 3:54 PM)
Job ID 6480
# Positions 1
Category Information Technology