Information Security Analyst

JOB OBJECTIVE SUMMARY:

The Information Security Analyst is a key associate at Hope Network whose primary responsibilities include: The Information Security Analyst plays a key role in safeguarding Hope Network’s systems and data. This position is responsible for developing, implementing, and maintaining security measures aligned with industry best practices and healthcare compliance requirements. The role emphasizes proactive risk identification, continuous monitoring, and ensuring adherence to regulatory standards such as HIPAA and HITECH.

ESSENTIAL FUNCTIONS AND RESPONSIBILITIES:

This is not intended to be an exhaustive listing of job functions. This job description in no way states or implies that these are the only duties to be performed by this employee. The employee is required to follow any other instructions and to perform any other duties as assigned.

1. Regular and predictable attendance is an essential requirement of this position.


2. Develop security standards and best practices for the organization.


3. Investigate IT security incidents.


4. Conduct regular internal penetration testing.


5. Research the latest information technology (IT) security trends.


6. Recommend security enhancements to management or senior IT staff.


7. Review third-party application security vulnerabilities and recommend updates.


8. Coordinate and execute IT security projects including security assessments and manage remediation of findings.

1. Document, maintain and coordinate Business Continuity processes and testing.


2. Research, test, and deploy additional security processes and products in response to identified vulnerabilities.

1. Conduct regular vulnerability scans and penetration testing.


2. Review firewall rules and monitor logs.


3. Manage Intrusion Detection (IDS), Prevention (IPS), Data Loss Prevention (DLP) and Cryptography/Encryption solutions.

Addendum for Essential Functions if Applicable for multiple departments:

1. Coordinate with Corporate Compliance department to ensure compliance with various regulations.

Position Qualifications:

1. Bachelor’s degree in Computer Science or relevant IT security business experience.


2. 3 years of experience in an IT position involving security administration.


3. Experience with HIPAA Security Rule and HITECH Act and how it affects IT security.


4. General knowledge of information security frameworks, standards, and best practices.


5. Technical knowledge of network security solutions management and analysis.


6. Preferred certifications: Security+, CISA, CISSP, CISM, or CEH.


7. Strong communication skills and the ability to translate technical concepts for non-technical audiences.


8. Ability to work independently and with cross-functional teams.


9. Strong understanding of Active Directory, LDAP, DB, Azure, Office 365/M365 administration, and compliance.