Northwestern Medicine
Security Analyst, GRC
Northwestern Medicine, Chicago, Illinois, United States, 60290
DescriptionThe
Security Analyst
reflects the mission, vision, and values of NM, adheres to the organizations Code of Ethics and Corporate Compliance Program, and complies with all relevant policies, procedures, guidelines and all other regulatory and accreditation standards.Responsibilities:Investigate alerts generated by security controls.Implement/provide recommendations to improve detection capability accuracy.Participate in the development/optimization of incident response standards and procedures to increase the organization's cyber resiliency.Coach and mentor junior resources.Analyze the enterprise information security environment and recommend security measures to safeguard valuable information assets.Help identify, evaluate, and report on information security risks.Collaborate with vendors and internal departments to optimize performance of security controls.Collaborate with network and technology support teams to enhance and improve security processes and documentation.Regularly evaluate and assess information security vulnerabilities, solutions, and organizational posture.Stay current with security technologies and threats in order to contextualize the events observed in the environment.Assist in providing initial assessment of impact severity for IT security incidents and executing the appropriate response.Investigate any fraud and other computer issues.Perform daily operational tasks required for the department to protect NM's assets. Tasks range from (but are not limited to):
Analyze security alertsMaintain endpoint protection infrastructureFacilitate risk evaluation related to vulnerability assessment findings and coordinate risk treatment
QualificationsRequired:Bachelor's degree or equivalent work experienceTwo or more years of professional IT experience, including Cyber SecurityWorking knowledge of the following subjects:
Network (protocols, topologies)Security controls (proxies, IPS, IDS, Firewall and packet analyzers)Systems (Windows, Linux/UNIX)Software development (development/scripting languages)Incident ResponseThreat and Vulnerability Management
Experience and knowledge of at least two of the major security vendors relevant to the position.Working knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, ISO 27001 & 27002, ITIL).Excellent problem-solving skillsDemonstrated timely task completion involving solid organizational skills, task tracking, follow-up, and productive peer interaction.Excellent verbal and written communication skills.Preferred:Certification or courses: Associate of (ISC)/CISSP, GSEC, GCWN, GCED or CEH a plusEqual OpportunityNorthwestern Medicine is an affirmative action/equal opportunity employer and does not discriminate in hiring or employment on the basis of age, sex, race, color, religion, national origin, gender identity, veteran status, disability, sexual orientation or any other protected status.
#J-18808-Ljbffr
Security Analyst
reflects the mission, vision, and values of NM, adheres to the organizations Code of Ethics and Corporate Compliance Program, and complies with all relevant policies, procedures, guidelines and all other regulatory and accreditation standards.Responsibilities:Investigate alerts generated by security controls.Implement/provide recommendations to improve detection capability accuracy.Participate in the development/optimization of incident response standards and procedures to increase the organization's cyber resiliency.Coach and mentor junior resources.Analyze the enterprise information security environment and recommend security measures to safeguard valuable information assets.Help identify, evaluate, and report on information security risks.Collaborate with vendors and internal departments to optimize performance of security controls.Collaborate with network and technology support teams to enhance and improve security processes and documentation.Regularly evaluate and assess information security vulnerabilities, solutions, and organizational posture.Stay current with security technologies and threats in order to contextualize the events observed in the environment.Assist in providing initial assessment of impact severity for IT security incidents and executing the appropriate response.Investigate any fraud and other computer issues.Perform daily operational tasks required for the department to protect NM's assets. Tasks range from (but are not limited to):
Analyze security alertsMaintain endpoint protection infrastructureFacilitate risk evaluation related to vulnerability assessment findings and coordinate risk treatment
QualificationsRequired:Bachelor's degree or equivalent work experienceTwo or more years of professional IT experience, including Cyber SecurityWorking knowledge of the following subjects:
Network (protocols, topologies)Security controls (proxies, IPS, IDS, Firewall and packet analyzers)Systems (Windows, Linux/UNIX)Software development (development/scripting languages)Incident ResponseThreat and Vulnerability Management
Experience and knowledge of at least two of the major security vendors relevant to the position.Working knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, ISO 27001 & 27002, ITIL).Excellent problem-solving skillsDemonstrated timely task completion involving solid organizational skills, task tracking, follow-up, and productive peer interaction.Excellent verbal and written communication skills.Preferred:Certification or courses: Associate of (ISC)/CISSP, GSEC, GCWN, GCED or CEH a plusEqual OpportunityNorthwestern Medicine is an affirmative action/equal opportunity employer and does not discriminate in hiring or employment on the basis of age, sex, race, color, religion, national origin, gender identity, veteran status, disability, sexual orientation or any other protected status.
#J-18808-Ljbffr