Cyber Security Analyst- (Healthcare, CISSP)

at Jobot
Published September 19, 2022
Location Newport Beach, CA
Category Default  
Job Type Full-time  

Description

100% Oniste- Must reside or be willing to relocate to Southern California

This Jobot Job is hosted by: Rey Robles
Are you a fit? Easy Apply now by clicking the "Apply Now" button and sending us your resume.

A bit about us:

Since 1952 we’ve carried out our mission to serve the local community by providing health care services of the highest quality. Our core pillars of success are based on quality and service, people, physician partnerships, strategic growth, financial stewardship, community benefit and philanthropy.

Why join us?

Making a difference in the lives of others is at the heart of our organization. This responsibility is important as we continue to revolutionize health care. As your career evolves, our compensation and benefits packages are designed to evolve with you and your family. We know that when Hoag provides the tools to support you and your loved ones quality of life, you can take better care of our patients. We offer a wide range of benefits in areas including health, family, finance, community, and vacation.

Job Details

The Cyber Security Analyst III establishes and maintains the corporate-wide Cyber Security program to ensure information assets are adequately protected. Responsible for ensuring the confidentiality, integrity, and availability of enterprise-wide security devices. Working with management, the Analyst III will direct system security assessments to identify vulnerabilities, remediation strategies, and implement effective safeguards. Conducts incident response activities from detection, analysis, remediation, and mitigation, to lessons-learned documentation. Adheres to and maintains Hoag Cyber Security policies, procedures, guidance. Works with multiple stakeholders (internal and/or external) to ensure deliverables are accurate, complete/on time.
Partners with the Incident Response Lead for Cyber Security Incident Response activities. Analyzes security events and incidents, ensuring optimal use of existing tool sets. Identifies any technical gaps and drives plans for improvement.

Proactively assesses security controls (technical, operational, procedural) for alignment with regulatory requirements (e.g., NIST CSF, HIPAA, HITRUST, PCI).
Develops and documents remediation guidance, develops and implements corrective action plans based on assessment findings and identified vulnerabilities. Ensures necessary feeds are being ingested into Splunk, and properly formatted for reviews. Leads the team in analyzing security log data, leveraging tools and technologies including but not limited to:

  • Security Information and Event Management (SIEM) tools
  • Access Control
  • Network Security
  • Intrusion Detection / Prevention Systems
  • Identity Governance and Administration
  • Malware Protection
  • Email Security
  • Data Loss Prevention
  • Cloud Security solutions

Implements upskilling plans to improve team effectiveness. Leads training and Cyber exercises.
Identity Governance and Access Management (IGAM):
With the IGAM Lead, implements and enforces Multi Factor Authentication (MFA) requirements, access controls, and User Lifecycle Management (ULM). Provides Recommends to continuous improvements to IGAM processes to prevent end-user issues. Position entails work in a 24/7 department which may require work outside of normal business hours. Performs other duties as assigned.

Skills:
A minimum of seven to ten (7-10) years of relevant business/industry experience. Hands-on experience with cyber security tools, process, methodologies and frameworks.

Expertise working incident response and cyber operations.

Technical leadership skills, ability to set priorities and meet obligations in a timely manner.
Five plus (5+) translating business requirements and priorities into cyber security policies and procedures.
Five plus (5+) of experience in vulnerability assessment and/or penetration testing, digital forensics, or Incident Response.

Experience in a hospital or healthcare related organization.
Certifications Required
At least one of the following: GIAC Certified Incident Handler (GCIH),GIAC Advanced Security Essentials – Enterprise Defender (GCED), Certified Information Systems Security Professional (CISSP), or equivalent

Education:
Bachelor’s degree in a relevant technical area such as Cyber Security, Computer Science, Computer Information Systems, Engineering, or related technical field, or equivalent work experience.
Preferred:
Master’s degree in Computer Science, Computer Information Systems, Cyber Security, Cyber Forensics, Engineering, or related technical field.

Interested in hearing more? Easy Apply now by clicking the "Apply Now" button.

Drop files here browse files ...