Sr. Information Security Analysis

Direct Hire

CyberSearch

Sr. Information Security Analyst
Remote 
PERM (Central Time zone work hours)
Salary: $100-125k/year 

Overview
The Senior Information Security Analyst will be responsible for implementing and managing the day-to-day operation of the organization’s information security program. They will play a critical role in ensuring Forefront’s technology and information assets are appropriately guarded from external and internal threats, providing guidance, and helping make critical decisions about security risk assessment, solutions, and the organization’s ongoing evolution of its IT security program. Our ideal candidate has a passion for information security, an interest in ethical hacking, leverages software and automation to improve user experience, and understands that security is everyone’s responsibility. 

Qualifications

  • 5+ years proven work experience as an Information Security Analyst or similar role
  • GRC Product knowledge
  • PCI Compliance knowledge
  • Demonstrated knowledge of technology processes, risks, infrastructure, and information security
  • Strong Expertise with security assessment methodology and vulnerability management
  • Experience managing 3rd party information security vendors
  • Experience designing and operating enterprise security controls
  • Experience leveraging software and automation to limit repetitive tasks and streamline user experience
  • Experience leading security incident response activities
  • Experience with both windows-based enterprise infrastructure and cloud applications and environments
  • Knowledge of web security best practices, including certificate management, encryption protocols, and common vulnerabilities
  • Excellent written and verbal communication skills including the ability to articulate complex issues to both technical and non-technical stakeholders
  • Ability to work effectively with stakeholders across departments and affiliated organizations
  • Excellent problem solving and strong project management skills
  • Professional certifications such as Security+, CySA+, CEH, SSCP, ITIL
  • Highly Desired: Healthcare sector experience and familiarity with HIPAA

Responsibilities 

  • Work with Forefront’s management and staff, third party security consultants, and managed service providers to assess risks, establish priorities, conduct reviews, and implement solutions
  • Work in collaboration with the information security team on day-to-day tasks in managing the information security posture of the organization
  • Design, implement, and operate information security best practices and procedure utilizing software and automation to enhance user experience and limit repetitive tasks
  • Develop and manage security and process documentation
  • Ensure that required security control initiatives are executed on schedule and in line with Forefront’s Information Security program objectives
  • Develop and manage metrics and reporting designed to measure Information Security program effectiveness and ensure compliance with policies, compliance regulations, and industry best practices alongside the information security team
  • Partner with training staff to develop and continually iterate on security awareness training curriculum
  • Monitor external threat environment to ensure Forefront is responsive to near and far term threats
  • Respond to and resolve cyber security threats that may impact the confidentiality, integrity, or availability of Forefront’s systems and affect patients or personnel
  Apply with Github   Apply with Linkedin   Apply with Indeed
  Stack Overflow