Analyst II, Security - GRC

Analyst II, Security - GRC

Location

US-TX-Addison

Job ID

345121

Pos. Category

Corporate - Information Systems

Pos. Type

Full Time

Recruiter : Full Name : First Last

Demetrius Daniels

Overview

Concentra is recognized as the nation's leading occupational health care company.

With more than 40 years of experience, Concentra is dedicated to our mission to improve the health of America's workforce, one patient at a time. With a wide range of services and proactive approaches to care, Concentra colleagues provide exceptional service to employers and exceptional care to their employees.

The Analyst II, Security - GRC will be responsible for establishing and implementing security policies, standards and guidelines related to all information systems. The Security Analyst will also be responsible for conducting investigations into any alleged computer or network security compromises, incidents, or problems. Responsibilities of this position include the monitoring of compliance to HIPAA, SOX, and PCI security requirements as well as the development and maintenance of security policies and procedures. The Security Analyst will provide secondary support for the Information Service Department, while delivering quality customer service. A good handle and knowledge of Cybersecurity Frameworks, Risk Management and IT Audit principles will be beneficial in this role.

The position will be assigned complex, and comprehensive tasks and projects and will be expected to effective leverage their established subject matter expertise to drive progress and to overcome obstacles. They must illustrate an additional level of ownership and individual accountability of assigned initiatives. This position will be expected to effectively interact with senior business leaders. Challenged with ensuring that state-of-the art security techniques are employed to maintain the highest level of security for all platforms and applications maintained by the company while at the same time not compromising system efficiency. In addition, the Security Analyst must resolve any security incident in a timely manner. This position will also be responsible for identifying opportunities for process and technology enhancements and communicating those opportunities as well as their proposals to implement them to management.

Responsibilities

Identify information protection goals and objectives within the scope of a strategic plan. This should be reviewed on an annual basis

• Strong ability to review security agreements, Data Processing Agreements, customer security addendums and / or support master service agreements review with legal department
• Implement and administer security management practices and monitoring tools.
• Ensure platform level compliance to information security policies, standards and best practices through a security monitoring and compliance review program.
• Create, maintain and update disaster recovery procedures and the Configuration Management Database (CMDB) when changes in hardware or applications occur.
• Monitor access control logs and security violation logs.
• Keep abreast of "state of the art" security techniques to advise systems designers and users on security methods that best implement stated policy and standards.
• Lead investigation efforts into any alleged Enterprise, computer or network security compromises, incidents, or problems under the direction of leadership.
• Provide support in defining, updating and standardizing systems configurations for all applications; and thoroughly test any modifications prior to deployment to ensure disruptions to operations are not caused by those changes.
• Develop reports, upon request, utilizing various report-writing tools in all applications
• Recognize and identify potential areas where existing policies and procedures require change, or where new ones need to be developed, especially regarding future business expansion and recommend ways to improve them to management.
• Monitor servers and networks to detect possible intrusion attempts. Report on any security violation related to the unwarranted access to corporate data. Ensure compliance to HIPAA, SOX, and PCI security requirements.
• Ensure that all applications and system related problems are resolved in a timely and efficient manner.
• Maintain awareness of the rapidly changing Concentra environment and recommend cost efficient techniques when supporting corporate and field systems.
• Support the mission of and direction of Concentra both within the department and throughout the corporation.
• Build team spirit by assisting and coaching other staff members.
• Completion of any activities, tasks, and projects as defined.
• Ensure all changes comply with the Change Management policies and procedures.
• Assist with issues and problem management activities to ensure that information security concerns are incorporated into information technology development efforts.
• Take lead role in the User Access Request process for projects including application rollouts, acquisitions, joint ventures, and other business expansions.
• Monitor the Medical Device Security lifecycle.
• Experience with data loss prevention tools and analysis is highly desired.
• Strong knowledge of third-party security management. Ability to review third-party security and audit reports is a must.
• Ensure compliance and adherence to business continuity and disaster recovery plans

Qualifications

Additional Data

Employee Benefits

We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation, if required.

Concentra is an Equal Opportunity Employer, including disability / veterans