Pennsylvania Medicine
Senior Security Operations Analyst
Pennsylvania Medicine, Phila, Pennsylvania, United States, 19117
Penn Medicine is dedicated to our tripartite mission of providing the highest level of care to patients, conducting innovative research, and educating future leaders in the field of medicine. Working for this leading academic medical center means collaboration with top clinical, technical and business professionals across all disciplines.
Today at Penn Medicine, someone will make a breakthrough. Someone will heal a heart, deliver hopeful news, and give comfort and reassurance. Our employees shape our future each day. Are you living your life's work?
The role involves on-site presence for the first 6 months with the possibility of remote work after the introductory period is complete.
Summary:
Working under limited supervision, the Senior Information Security Analyst is responsible for ensuring that key security operations tasks are completed. Security Operations involves end user security service escalation, security incident response, data forensics, technical research, threat intelligence, vulnerability management, and supporting other Information Security initiatives as necessary. The analyst performs security incident response, understands threats and vulnerabilities affecting information systems, and participates in risk assessment, management, and remediation.Responsibilities:
Monitoring security incident and event management systems, along with responding to alerts and notifications as appropriateInitiate escalation procedures to counteract potential threats and/or vulnerabilities.Investigation of suspicious network and endpoint activitySupport end-user security issuesincluding phishing, encryption, infected computer systems and morePartners with information security engineers to implement and maintain security technologiesCollaborates with information assurance advisors to address network and endpoint security risksParticipates in vulnerability management, including scanning and remediationPrepare system security reports by collecting, analyzing and summarizing data trendsPerforms duties in accordance with Penn Medicine and entity values, policies, and proceduresOther duties as assigned to support the unit, department, entity, and health system organization
Education or Equivalent Experience:
Bachelor's degree. (Required)5+ years of experience in information technologies, especially information security, such as security operations and incident response, regulatory compliance or audit, vulnerability management, security engineering or similar experience. (Required)0-1 years of experience in healthcare and academia. (Preferred)0-1 years of information security certifications, such as Security+, Network+, CCNA Security, GSEC, GCIA, GCFA, GPEN, CEH. (Preferred)0-1 years of familiarity with security standards and frameworks such as: HIPAA, PCI DSS, HITRUST, NIST, ISO, etc. (Required)0-1 years of experience with penetration testing tools, such as Kali Linux, Responder, NMAP, Wireshark, Aircrack-ng, Maltego, Nikto, etc. (Required)Skills/Abilities:
Demonstrated interpersonal/verbal communication skillsDemonstrated written communication skillsAbility to troubleshoot, research and solve technically challenging problemsStrong analysis and problem solving skillsAbility to work within tight timeframes and meet strict deadlinesAbility to work in a fast paced environment with changing prioritiesAbility to work as part of a team
We believe that the best care for our patients starts with the best care for our employees. Our employee benefits programs help our employees get healthy and stay healthy. We offer a comprehensive compensation and benefits program that includes one of the finest prepaid tuition assistance programs in the region. Penn Medicine employees are actively engaged and committed to our mission. Together we will continue to make medical advances that help people live longer, healthier lives.
Live Your Life's Work
We are an Equal Opportunity and Affirmative Action employer. Candidates are considered for employment without regard to race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, familial status, genetic information, domestic or sexual violence victim status, citizenship status, military status, status as a protected veteran or any other status protected by applicable law.
Today at Penn Medicine, someone will make a breakthrough. Someone will heal a heart, deliver hopeful news, and give comfort and reassurance. Our employees shape our future each day. Are you living your life's work?
The role involves on-site presence for the first 6 months with the possibility of remote work after the introductory period is complete.
Summary:
Working under limited supervision, the Senior Information Security Analyst is responsible for ensuring that key security operations tasks are completed. Security Operations involves end user security service escalation, security incident response, data forensics, technical research, threat intelligence, vulnerability management, and supporting other Information Security initiatives as necessary. The analyst performs security incident response, understands threats and vulnerabilities affecting information systems, and participates in risk assessment, management, and remediation.Responsibilities:
Monitoring security incident and event management systems, along with responding to alerts and notifications as appropriateInitiate escalation procedures to counteract potential threats and/or vulnerabilities.Investigation of suspicious network and endpoint activitySupport end-user security issuesincluding phishing, encryption, infected computer systems and morePartners with information security engineers to implement and maintain security technologiesCollaborates with information assurance advisors to address network and endpoint security risksParticipates in vulnerability management, including scanning and remediationPrepare system security reports by collecting, analyzing and summarizing data trendsPerforms duties in accordance with Penn Medicine and entity values, policies, and proceduresOther duties as assigned to support the unit, department, entity, and health system organization
Education or Equivalent Experience:
Bachelor's degree. (Required)5+ years of experience in information technologies, especially information security, such as security operations and incident response, regulatory compliance or audit, vulnerability management, security engineering or similar experience. (Required)0-1 years of experience in healthcare and academia. (Preferred)0-1 years of information security certifications, such as Security+, Network+, CCNA Security, GSEC, GCIA, GCFA, GPEN, CEH. (Preferred)0-1 years of familiarity with security standards and frameworks such as: HIPAA, PCI DSS, HITRUST, NIST, ISO, etc. (Required)0-1 years of experience with penetration testing tools, such as Kali Linux, Responder, NMAP, Wireshark, Aircrack-ng, Maltego, Nikto, etc. (Required)Skills/Abilities:
Demonstrated interpersonal/verbal communication skillsDemonstrated written communication skillsAbility to troubleshoot, research and solve technically challenging problemsStrong analysis and problem solving skillsAbility to work within tight timeframes and meet strict deadlinesAbility to work in a fast paced environment with changing prioritiesAbility to work as part of a team
We believe that the best care for our patients starts with the best care for our employees. Our employee benefits programs help our employees get healthy and stay healthy. We offer a comprehensive compensation and benefits program that includes one of the finest prepaid tuition assistance programs in the region. Penn Medicine employees are actively engaged and committed to our mission. Together we will continue to make medical advances that help people live longer, healthier lives.
Live Your Life's Work
We are an Equal Opportunity and Affirmative Action employer. Candidates are considered for employment without regard to race, ethnicity, color, sex, sexual orientation, gender identity, religion, national origin, ancestry, age, disability, marital status, familial status, genetic information, domestic or sexual violence victim status, citizenship status, military status, status as a protected veteran or any other status protected by applicable law.