Info Security Analyst Ii
The Information Security Analyst II completes tasks designed to protect against unauthorized access, modification or destruction of Hackensack Meridian Health's (HMH) information assets. Junior-level position, typically assigned projects that involve some complexity. A certain degree of creativity and latitude is required.
- Helps to manage computer security across the enterprise.
- Tracks and monitors software viruses.
- Administers and monitors security solutions.
- Executes incident response strategies.
- Contribute to security projects and participate on cross functional project teams.
- Administers the various security tool systems. Communicates intrusions and compromises to team leaders. Ensures integrity and protection of networks. Functions as system and/or backup administrator for two or more security tools. Monitors IDS/IPS for potential, successful and unsuccessful intrusion attempts. Performs the day-to-day administration required to ensure the security tools are meeting the needs of Hackensack Meridian Health. Upgrades and/or applies patches to security tools as required.
- Identifies both unsuccessful and successful intrusion attempts by reviewing and analyzing security events logs and event summary information. Makes recommendations to improve the functionality of the security tools to improve Hackensack Meridian Health’s security posture and/or customer experience.
- Performs customer support work and documents security incidents. Initiates service recovery when necessary. Responds to requests, adhering to established SLA’s. Provides detailed explanations in Help Desk tickets to allow co-workers to follow the tickets from origination to completion. Informs user of ticket status, explains the problem and resolution in simple terms, and sets appropriate expectations with the end user. Provides advance notification to appropriate teams to advise of scheduled/unscheduled downtimes and implementation of new systems.
- Reviews security violation reports and investigates possible security exceptions.
- Works with end users to determine needs of individual departments, implementing policies or procedures. Works on cross-functional teams to implement security projects.
- Monitor security and compliance trends, current events, best practices, etc.
- A member of the HMH Incident Response Team, responding to and mitigating security incidents using established procedures and protocols. Rotating member of IT Info Security on-call team.
- Lifts, pushes or pulls up to 25 lbs. and may sit and/or stand for long periods of time.
- Adheres to the HMH’s Organizational Competencies and Standards of Behavior.
- Bachelor’s degree in IT, Computer Science, Management Information Systems or equivalent degree. Work experience may be substituted.
- Two or more years of IT experience with at least one year of system/network security experience.
- Experience and technical knowledge in endpoint security and protection, network security, and server security and protection.
- Experience with supporting security policies and standards.
- Familiar with standard concepts, practices, and procedures within IT Security.
- Experience in large network environments with data centers and remote locations.
- Familiarity with security regulations and standards, HIPAA/HITECH and PCI-DSS preferred.
- Knowledge of network and web protocols (i.e. TCP/IP, UDP, IPSEC, HTTP, HTTPS, etc.)
- Knowledge of MS Windows, Active Directory and best practice implementation methodologies.
- Knowledge of security vulnerabilities and remediation techniques.
- Ability to discuss security issues in understandable business terms.
- Excellent written and verbal communication skills.
- Strong problem-solving and analytical skills.
- Ability to travel to other HMH locations, as needed.
As a courtesy to assist you in your job search, we would like to send your resume to other areas of our Hackensack Meridian Health network who may have current openings that fit your skills and experience.