IS Security Specialist

About The Position

Requirements

• 5+ years of proven experience in administering security controls in an organization
• BA/BS in related field or equivalent in education and experience such as CISSP certification
• Experience performing security risk analysis and compliance assessments
• Experience analyzing/investigating information security incidents from reporting platforms such IPS/IDS, NAC, DLP, SIEM, and vulnerability monitoring systems.
• Experience with common security industry and audit standards, such as NIST 800 series, PCI-DSS
• Experience in leading incident response for security and privacy incidents.
• Ability to work, with or without reasonable accommodation, with a diverse population of patients and colleagues seeking or considering care in all areas.

Nice To Haves

• Experience or familiarity with next generation security platforms, endpoint protection life cycle management tool experience i.e. Sophos, Mimecast, Varonis, Palo Alto, MS365 is a plus.

Responsibilities

• Lead advanced security monitoring, incident response, and blue team operations.
• Focus on strategic Governance, Risk, and Compliance (GRC) for the M365 platform.
• Ensure security configurations align with industry frameworks and organizational standards.
• Leverage the Cybersecurity Kill Chain to detect and remediate enterprise threats.
• Conduct comprehensive Risk Assessments and internal audits to ensure continuous compliance.
• Participate in an on-call rotation for incident response as necessary.
• Develop Information Security policies, standards, guidelines and procedures.

Benefits

• medical
• dental
• vision
• life insurance
• AD&D
• long term disability
• health savings account
• flexible spending account
• employee assistance program
• multiple supplemental benefits (voluntary life, critical illness, accident, hospital indemnity, identity theft protection, legal services, etc.)
• 401k retirement plan
• employer matching contribution up to 4%