Lead Information Security Analyst

Martin's Point Health Care•Portland, ME

35d

About The Position

The Lead Information Security Analyst assists in the development and implementation of the Information Security program and is a key contributor in developing security policies, monitoring and analyzing traffic and logs, and assisting in protecting the organization's IT systems and software from malicious activity and technology breaches. The Lead Analyst participates and leads security risk assessments, performs and analyzes vulnerability scans, and works with others in IT and the business to remediate and eliminate risks. The Lead Information Security Analyst is responsible for providing expert technical knowledge, standards development, program development, risk assessment, reporting, and awareness education related to information security.

Requirements

Bachelor's degree in CIS, CS, Business Administration, or similar, or combination of equivalent education and experience.
6+ years of experience with information security technologies, security monitoring, incident response, open-source technologies, and various operating systems.
Experience with Networking standards, Microsoft AD, Endpoint Support (Windows / iOS ), Server Administration Linux/Windows, Security protocols and monitoring tools.

Nice To Haves

Understands how organizational workflows affect data meaning and use.
Proven mentor to other team members
Strong troubleshooting skills
Senior level understanding of SIEMs, incident response, disaster recovery, contingency planning, encryption technologies, intrusion detection/prevention systems, and/or vulnerability management
Able to communicate effectively and clearly to all levels of the IT organization and business when addressing a challenge or identified opportunity - take ownership.
Can plan/scope several inter-related activities to create efficiencies.
Creates processes and mentors staff (Internal and External) on best practices
Manages multiple deliverables and communicates updates effectively to all departments and stakeholders

Responsibilities

Assist in leading monitoring SIEM, IDS/IPS, endpoint protections, and identity management solutions.
Lead technical efforts of administering and engineering the security infrastructure including the single sign-on, multi-factor authentication, business continuity, and GRC tools.
Assist in leading designs of security solutions.
Assist in leading efforts in monitoring and auditing information systems, networks, and databases to identify and isolate occurrences of unauthorized activity; prepares and coordinates corrective actions.
Assist in leading and conducting security assessments and audits, penetration testing, IT forensic investigations and incident management.
Perform and/or coordinate regular security assessments of existing or new infrastructure or applications.
Assist in leading and coordinating response to information security incidents and threats
Assess, manage, and coordinate information and cyber vulnerabilities throughout the organization.
Develops, defines, reviews and enforces information security policy, standards and guidelines for business operations and technology implementations.
Proactively identifies information and IT security risks including IT technical implementations or business processes.
Coordinates group-wide and company-wide information security matters such as incident response, intrusion detection management, and cyber security advisories.