Senior Information Security Analyst - Metropolitan Jewish Health System
New York, NY 10041
About the Job
Our Corporate team may not provide direct care, but we still touch people's lives in a very real and substantial way. The services we provide contribute greatly to the overall patient and member experience, supporting our reputation for excellence.
Why work for MJHS? When you work with us you will receive comprehensive and affordable health and financial benefits, in addition to generous paid vacation, personal and holiday time that you won't find at our competitors. Do you receive a paid day off for your birthday now? No? You will here! You will also receive the training, tuition assistance and career development you desire to help you achieve your career goals. You take care of our patients, residents and health plan members, and we will take care of the rest!
Benefits include:
- Tuition Reimbursement for all full and part-time staff
- Generous paid time off
- Affordable medical, dental and vision coverage for employee and family members
- Two retirement plans! 403(b) AND Employer Paid Pension
- Flexible spending
- And MORE!
MJHS companies are qualified employers under the Federal Government’s Paid Student Loan Forgiveness Program (PSLF).
Responsibilities: The Senior Information Security Analyst is a key part of our information security team and will have strong technical experience and a risk evaluation mindset in all areas of security operations, including event triage, incident response, vulnerability management, penetration testing, and event management (SIEM). Additionally, the Senior IS Analyst will possess the capability to analyze malware, network traffic, and large sets of disparate data with a genuine curiosity and passion for Cybersecurity.
Qualifications:
- Bachelor’s Degree in IT related discipline or equivalent
- 5+ years of Information Technology experience.
- 3+ years of full-time Information Security related experience
- Strong Windows, networking, malware, and data analysis background.
- PowerShell, Bash, or other scripting experience.
- Ability to prioritize and independently complete competing work assignments.
- Working knowledge of SOC/Security Operations, ITSM, incident handling, vulnerability and penetration testing, security frameworks and best practices.
- Working knowledge of application & infrastructure security solutions (Firewalls, Intrusion Detection/Prevention Systems, Network Security, Password Management, Data Encryption, and Access Controls).
- Strong interpersonal and communication skills.
- CEH, GIAC GCIA, GSEC, OSCP, CISSP, CISA, CISM, CySA+ or other relevant security certifications preferred.
- Understanding of relevant legal, compliance, and regulatory requirements, such as HIPAA, NYDFS cybersecurity, and other cybersecurity frameworks, e.g., NIST CSF, MITRE.
- Project Management experience, Cloud Security Expertise, Risk Management skills
- Monitor, investigate, correlate, and interpret SIEM logs and MSSP alerts and other detections across multiple platforms for Information Security events
- Manage, configure, and troubleshoot security systems
- Identifies opportunities to improve processes and controls through automation.
- Improves methods to increase accuracy and detection rate.
- Perform vulnerability scans and interpret results.
- Perform audits of information systems and controls. Investigate and document findings and work with other teams on remediation.
- Create documentation for policies and procedures as needed.
- Document events and research performed during the investigations and artifacts collected.
- Participate in Incident Response activities. Coordinate and follow-up with other IS teams to timely mitigate threats to the organization.
- Analyze and interpret malware, exploits and threat activities.
- Maintain current knowledge of Cybersecurity Threat Intelligence landscape, industry trends, and situational awareness.
- Author and edit automation and orchestration scripts for research and tool deployment.
- Track and complete tasks for security enhancement projects.