US
0 suggestions are available, use up and down arrow to navigate them
PROCESSING APPLICATION
Hold tight! We’re comparing your resume to the job requirements…
ARE YOU SURE YOU WANT TO APPLY TO THIS JOB?
Based on your Resume, it doesn't look like you meet the requirements from the employer. You can still apply if you think you’re a fit.
Job Requirements of Information Security Analyst/Administrator:
-
Employment Type:
Contractor
-
Location:
Mason, OH (Onsite)
Do you meet the requirements for this job?
Information Security Analyst/Administrator
Careers Integrated Resources Inc
Mason, OH (Onsite)
Contractor
Title: Information Security Analyst/Administrator
Location: Mason OH - Hybrid 2 days a week (Tue & Thurs)
Duration: 6 month(s) and Possibility of Extension
Work Hours: 8-5pm (40 hours per week)
The Information Security Analyst will serve a critical role in supporting Client Vision Care information security and compliance requirements and initiatives. This role is focused on providing oversight, driving, facilitating and coordinating the management of vulnerabilities across the enterprise, rather than performing hands-on technical remediation. The analyst will work closely with internal teams and stakeholders to ensure timely remediation efforts, providing visibility into risk status through tracking and reporting. The analyst will also be responsible for compiling and delivering progress updates and reports to leadership and responding to client inquiries related to the organization s vulnerability management and remediation efforts. Overall, the analyst will contribute to the organization s compliance with audits, attestations, and regulatory obligations such as HIPAA, HITRUST, SSAE-18, and PCI.
MAJOR DUTIES AND RESPONSIBILITIES
Monitor and analyze vulnerability assessment data to identify and communicate technical risks to the organization
Support the identification and impact classification for new vulnerabilities identified in the environment
Execute and support vulnerability assessments, penetration testing and social engineering activities
Provide the Information Security and IT Security team information on the emerging cyber threat landscape, including threat actor tactics, techniques, and procedures
Facilitate vulnerability management processes by tracking and coordinating remediation efforts across multiple teams
Ensure timely closure of security gaps by working with application, infrastructure, and operations teams
Support IS in achieving the vision and strategic objectives of the vulnerability program
Provide regular updates and risk summaries to leadership regarding the status of remediation efforts
Support leadership to identify capability gaps in vulnerability management services
Support responses to client and third-party security inquiries, questionnaires, and audit requests related to vulnerability management
Manage and utilize IS tools such as DLP, Code scanner, external security profile, internal and external scanning tools and scoring platforms etc. to analyze gaps in security controls Participate in the IT SDLC program to ensure that security is included in project by default and by design
Develop strong working relationships across business, technology units and potentially clients to ensure a high degree of alignment and accountability in remediation, security compliance and client satisfaction.
Collaborate with cross-functional teams to improve security posture and embed security into existing IT and operational workflows
Assist with regulatory and compliance requirements, contributing to security audits, attestations, and certifications
Brief IS leadership on vulnerability assessment results and potential risks
Conduct analysis, aggregate and report on vulnerability data from various scanning tools and platforms
Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function
BASIC QUALIFICATIONS
Bachelor s degree in computer science, IT or equivalent
3+ years of experience in IT Risk or IS or Compliance
Experience with major standards such as: SOC 1-2, ISO 27001/2, PCI DSS, HITRUST, SANS, NIST
Demonstrated experience in implementing compliance frameworks for financial services organizations with similar information security needs and requirements
Familiarity and understanding of a broad range of IT hardware and software products
Strong project and time management abilities
Excellent presentation, verbal communication, and written skills Excellent analytical, problem-solving and organizational skills
Experience managing typical enterprise security and intrusion detection systems, especially in a regulated environment
Ability to work in a collaborative environment across business and technology teams
Experience in producing clear and actionable reports for technical and non-technical stakeholders
PREFERRED QUALIFICATIONS
Certified Information Systems Security Profession (CISSP), PCI DSS, Certified HIPAA Privacy Security Expert (CHPSE), Certified Information Security manager (CISM), Global Information Assurance Certification (GIAC), or related.
Experience or knowledge with healthcare, health insurance, managed care, or regulated industries
Knowledge of CMS and HIPAA related vendor standards and requirements Working knowledge of Security SDLC tools
Familiarity or experience with the following tools: o Security Scorecard, BitSight, SSL Labs o Nessus Pro, Qualys o Splunk, JIRA o HCL AppScan, or similar code scanning and vulnerability tools
Location: Mason OH - Hybrid 2 days a week (Tue & Thurs)
Duration: 6 month(s) and Possibility of Extension
Work Hours: 8-5pm (40 hours per week)
The Information Security Analyst will serve a critical role in supporting Client Vision Care information security and compliance requirements and initiatives. This role is focused on providing oversight, driving, facilitating and coordinating the management of vulnerabilities across the enterprise, rather than performing hands-on technical remediation. The analyst will work closely with internal teams and stakeholders to ensure timely remediation efforts, providing visibility into risk status through tracking and reporting. The analyst will also be responsible for compiling and delivering progress updates and reports to leadership and responding to client inquiries related to the organization s vulnerability management and remediation efforts. Overall, the analyst will contribute to the organization s compliance with audits, attestations, and regulatory obligations such as HIPAA, HITRUST, SSAE-18, and PCI.
MAJOR DUTIES AND RESPONSIBILITIES
Monitor and analyze vulnerability assessment data to identify and communicate technical risks to the organization
Support the identification and impact classification for new vulnerabilities identified in the environment
Execute and support vulnerability assessments, penetration testing and social engineering activities
Provide the Information Security and IT Security team information on the emerging cyber threat landscape, including threat actor tactics, techniques, and procedures
Facilitate vulnerability management processes by tracking and coordinating remediation efforts across multiple teams
Ensure timely closure of security gaps by working with application, infrastructure, and operations teams
Support IS in achieving the vision and strategic objectives of the vulnerability program
Provide regular updates and risk summaries to leadership regarding the status of remediation efforts
Support leadership to identify capability gaps in vulnerability management services
Support responses to client and third-party security inquiries, questionnaires, and audit requests related to vulnerability management
Manage and utilize IS tools such as DLP, Code scanner, external security profile, internal and external scanning tools and scoring platforms etc. to analyze gaps in security controls Participate in the IT SDLC program to ensure that security is included in project by default and by design
Develop strong working relationships across business, technology units and potentially clients to ensure a high degree of alignment and accountability in remediation, security compliance and client satisfaction.
Collaborate with cross-functional teams to improve security posture and embed security into existing IT and operational workflows
Assist with regulatory and compliance requirements, contributing to security audits, attestations, and certifications
Brief IS leadership on vulnerability assessment results and potential risks
Conduct analysis, aggregate and report on vulnerability data from various scanning tools and platforms
Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function
BASIC QUALIFICATIONS
Bachelor s degree in computer science, IT or equivalent
3+ years of experience in IT Risk or IS or Compliance
Experience with major standards such as: SOC 1-2, ISO 27001/2, PCI DSS, HITRUST, SANS, NIST
Demonstrated experience in implementing compliance frameworks for financial services organizations with similar information security needs and requirements
Familiarity and understanding of a broad range of IT hardware and software products
Strong project and time management abilities
Excellent presentation, verbal communication, and written skills Excellent analytical, problem-solving and organizational skills
Experience managing typical enterprise security and intrusion detection systems, especially in a regulated environment
Ability to work in a collaborative environment across business and technology teams
Experience in producing clear and actionable reports for technical and non-technical stakeholders
PREFERRED QUALIFICATIONS
Certified Information Systems Security Profession (CISSP), PCI DSS, Certified HIPAA Privacy Security Expert (CHPSE), Certified Information Security manager (CISM), Global Information Assurance Certification (GIAC), or related.
Experience or knowledge with healthcare, health insurance, managed care, or regulated industries
Knowledge of CMS and HIPAA related vendor standards and requirements Working knowledge of Security SDLC tools
Familiarity or experience with the following tools: o Security Scorecard, BitSight, SSL Labs o Nessus Pro, Qualys o Splunk, JIRA o HCL AppScan, or similar code scanning and vulnerability tools
Get job alerts by email.
Sign up now!
Join Our Talent Network!