Information Technology Security Analyst
Merakey

Job Info

Position Summary:

The IT Security Analyst's primary responsibility is to implement, monitor and maintain all aspects of IT Security across Merakey to include data loss prevention, incident response, infrastructure security compliance, vulnerability identification and remediation, threat hunting, and application security.

Organizational Relationship: The incumbent will report to the Director of IT Operations and work closely with the Senior IT Directors and members of the Information Technology team and the business to support secure information process and technology.

Duties:

• Configure, implement, monitor, and support security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and procedures. This includes but is not limited to Firewalls (Fortinet), (Host/Network/Wireless), secure file transfer, DLP, full disk encryption, firewall rule assessments, log management/correlation, secure password storage/retrieval, application whitelisting, vulnerability management, threat hunting, Windows Server Security, and Cloud based applications (EHR and O365).

• Make recommendations to management on enhancements to existing and new security hardware, software or related tools. Assist in evaluating, planning, configuration, and implementation of new/existing security applications/tools.

• Ensure security best practices are identified and integrated into all facets of the project including network, system designs/configuration, and implementations.

• Identify and recommend potential areas where existing data security policies and procedures require change, or where a supplement is required to mitigate key security risks. Partner with various business units to enhance security policies/procedures.

• Create and maintain data security documentation, policies and procedures.

• Assists in the identification, response, investigation, and remediation of potential breaches of and issues surrounding data security.

• Prepare reports that document security breaches and the extent of the damage caused by the breaches.

• Conduct penetration testing, which is when analysts simulate attacks to look for vulnerabilities in their systems before they can be exploited.

• Heavy involvement with creating their organization's disaster recovery plan, a procedure that IT employees follow in case of emergency. These plans allow for the continued operation of Merakey's IT department. The recovery plan includes preventive measures such as regularly copying and transferring data to an offsite location. It also involves plans to restore.

• The Information security analyst must stay up to date on IT security and on the latest methods attackers are using to infiltrate computer systems. Analysts need to research new security technology to decide what will most effectively protect Merakey.

• Responsible for providing support during off hours in an on-call rotation.

• Provide technical guidance on security/privacy policies and standard development and Subject Matter.

• Expert (SME) to enterprise architects and other technologists.

• Guide problems and questions.

• Interfaces with users of technology, employing a high degree of tact and diplomacy to promote a positive image of the department. Resolves problem situations in a professional manner.

• Accurately communicates pertinent information. Assists in the development and implementation of security improvement programs for the department.

• Performs duties in a cost-effective manner to avoid waste of resources without jeopardizing quality of care and service.

• Maintains competency and enhances professional growth and development through continuing education and conferences.

• Performs other duties and responsibilities as assigned by the Director of Operations.

BENEFITS

Merakey offers Medical, Dental, Vision insurance plans, competitive compensation plans, Work/Life balance, flexible schedules, cell phone discount plan, employee referral bonuses, tuition reimbursement and much more!

To fill out an on-line application: www.merakey.org/careers

Requisition number: 75637

ABOUT MERAKEY

Merakey is a leading developmental, behavioral health, and education non-profit provider with a fifty-year history. We offer a breadth of integrated services to individuals and communities across the country. Our belief that every individual has the right to achieve growth, dignity, and fulfillment guides all of our decisions. At Merakey, we care about each other and are committed to providing the very best care to those we serve. Merakey strictly follows a zero-tolerance policy for abuse.

Merakey is proud to be an Equal Opportunity Employer! We deeply value diversity and do not discriminate on the basis of race, religion, color, national origin, ethnic background, sex, gender, gender identity, sexual orientation, age, marital status, veteran status, genetic information, or disability status. Moreover, we are committed to creating teams that reflect the diversity of the communities we serve and encourage applicants from underrepresented backgrounds to apply.

• Bachelor of Science Degree in Computer Science or equivalent experience in Information Technology.

• IT Security certifications such as CISSP, GIAC are desired, but not required.

• Knowledge of HIPAA, HITECH and other security/privacy regulations applicable to Merakey.

• Minimum 2 years experience working in IT, preferably in a Healthcare or Behavioral Health environment.

• 2+ years hand-on experience configuring/managing technical infrastructure (ex. network, servers,etc..).

• 2+ years experience in working in IT/Data Security administration.

• Experience writing process documentation including diagram workflows.

• Experience in development, planning, and implementation of IT Security strategy.

• Experience with network penetration testing, application vulnerability assessments, risk analysis and compliance testing.

Preferred Skills:

• Best Practice knowledge of Security configuration for LAN/WAN, TCP/IP, and VPN.

• Microsoft Office Suite, Visio, Project, and Sharepoint.

• Microsoft Active Directory systems administration.

• Cisco Infrastructure (WAN/LAN, Router, Switches, Firewalls) network administration and configuration.

• Set up, configuration, and troubleshooting for HP Hardware security/privacy regulations applicable to Merakey.

• Minimum 2 years experience working in IT, preferably in a Healthcare or Behavioral Health environment.

• 2+ years hand-on experience configuring/managing technical infrastructure (ex. network, servers,etc..).

• 2+ years experience in working in IT/Data Security administration.

• Experience writing process documentation including diagram workflows.

• Experience in development, planning, and implementation of IT Security strategy.

• Experience with network penetration testing, application vulnerability assessments, risk analysis and compliance testing.

• Best Practice knowledge of Security configuration for LAN/WAN, TCP/IP, and VPN.

• Microsoft Office Suite, Visio, Project, and Sharepoint.

• Microsoft Active Directory systems administration.

• Cisco Infrastructure (WAN/LAN, Router, Switches, Firewalls) network administration and configuration.

• Set up, configuration, and troubleshooting for HP Hardware and Printers.

Equal Opportunity Employer Minorities/Women/Protected Veterans/Disabled