Senior Security Analyst

Agency :

Alternate Solutions Health Network

Our culture and people are what set us apart from other post-acute care providers. We’re dedicated to the growth and development of our team to set them up for success.

We CARE for our patients like they are our own FAMILY.

No 3rd parties, please!

You must live in the Dayton, OH area to be considered for this opportunity.

8-hour day Mon-Fri with occasional weekend work

On call as required for Infrastructure support

Sponsorship is not available, must be a US citizen.

SUMMARY

The Senior Security Analyst is responsible for monitoring, tracking, and reporting relevant security events, types, and sources.

The Senior Security Analyst is also responsible for applying technical and functional expertise to collect, normalize, characterize cyber incident, and event data to identify anomalous or malicious activity including intrusions, attacks, data loss or other prohibited activities.

The Senior Security Analyst will analyze and correlate incidents and events that may involve data breaches or malicious activity against our network.

QUALIFICATIONS & ATTRIBUTES :

Bachelor’s degree in Computer Science or Technology, Engineering, Information Security, or related fields is required.

Security+ certificate or equivalent required. CISSP certification is highly desirable.

Four to five years of information security experience in a healthcare environment working with end point management, Network Detection Systems (NDS), Intrusion Detection Systems (IDS), Intrusion Prevention Systems (IPS), vulnerability scanning, patch management, event log monitoring, multi-factor authentication, disaster recovery and business continuity planning, incident response, firewall configuration(s) and cloud security.

3+ years’ processing working with a ticketing system including publishing knowledge base articles.

3+ years experience collecting, analyzing, actioning, and reporting on security logs.

3+ years experience identifying security vulnerabilities and supporting actions to address risks.

3+ years experience supporting disaster recovery and business continuity exercises.

Demonstrated ability supporting effective enterprise change management.

Demonstrated ability to successfully establish and maintain professional relationships across the organization and with external parties.

Intermediate skills in Microsoft Office software suite - Word, Excel, Outlook, PowerPoint

Knowledgeable on computer hardware and software, technical understanding and comprehension, and networking familiarity.

Ability to communicate effectively, interpret regulatory guidance and identified vulnerabilities to a wide audience.

Strong interpersonal skills and good judgment with the ability to work alone or as part of a team.

Disciplined style of work ethic with the ability to prioritize and be timely.

MAJOR AREAS OF RESPONSIBILITY :

Support studies to evaluate, recommend, and implement security solutions that enhance core information and physical security capabilities.

Focus areas include security infrastructure, access management, networking, and databases.

Identify potential impact to the ASHN corporate and agency environments by analysis of intelligence reports, forensic reports, and reverse engineering of malware reports.

Determine associated indicators of compromise (IOC’s) to develop and distribute countermeasures to detect and prevent identified threats.

Evaluation of IOCs from incidents to determine association with known computer network exploitation (CNE) groups.

Investigate the IOCs for other infrastructure related to the CNE teams (domain registration, IP ownership, VPN infrastructure, strains of malware, etc.

for the possible addition of proactive defensive measures.

Assist the InfoSec and Infrastructure teams responsible for preventing and mitigating the potential impact of cyber-attacks by developing, distributing, and sharing countermeasures that may impact networks and information systems.

Provide expertise in security operations, incident analysis, and vulnerability management.

Analyze logs from various security sensors, including network packet captures, DNS, EDR, proxy, and host-based security.

Assist with identifying and mitigating security risks at the system level, especially those from project-level risks.

Interview stakeholders to define and document business and / or technology requirements.

Establish strong working relationships with business partners across different domains.

Evaluate existing Information and Physical Security processes and document them.

Identify opportunities for process enhancements.

Ensure value and consistency for users and customers.

Stay informed about internal and external threats related to information security.

Provide advice and support for managed systems and vendors.

Assist with the ASHN Information Security Program awareness and training.

Other duties as assigned.

MANAGEMENT RESPONSIBILITY : N / A

Physical Demands : The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job with or without accommodations.

Below are minimal knowledge / physical requirements of this position.

Constantly (66%-100%) :

Reading, Speaking, Writing English

Communications Skills

Computer / PDA Usage

Hand / finger dexterity

Hearing / Seeing

Vision for close work

Talking in person

Hearing in person

Talking on the phone

Hearing on the phone

Frequently (34%-66%)

Walking

Bending

Standing

Stretching / Reaching

Sitting

Occasionally (2%-33%)

Lifting up to 50 lbs. with or without assistance

Climbing

Stooping (bend at waist)

Driving

Rarely (1% or less)

Distinguish smell / taste

Kettering, OH

We’ll help you put your passion for patient care to work. Apply today!

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee.

Duties, responsibilities and activities may change or new ones may be assigned at any time with or without notice.

We are an Equal Opportunity Employer.