University Health
Senior Cyber Security Analyst
University Health, San Antonio, Texas, United States, 78249
POSITION SUMMARY/RESPONSIBILITIES
The Senior Cyber Security Analyst must have a deep understanding of information security protocols and a passion for protecting Community First Health Plans Inc. (Community First) healthcare data. In this role, the Senior Analyst will be instrumental in establishing and maintaining security standards across Community First. The Senior Analyst will be required to develop, implement, and manage security solutions; and must demonstrate the ability to communicate complex security concepts to both technical and non-technical audiences. The Senior Analyst champions awareness and influences compliance with security policies and provides solutions for business-specific security issues. Oversees day-to-day identity access management and quarterly required audits. Owns and oversees the disaster recovery plans; coordinates business continuity plans with the compliance and risk management team. Serves as a thought leader and enterprise subject matter expert (SME) for federal and state information security regulations and standards.
EDUCATION/EXPERIENCE
Bachelor's degree plus five years of progressive experience working in information technology, security, or risk management. Must possess one or more of the following certifications: CISSP, CASP+, CRISC, CISA. Healthcare experience is highly desirable. Must have a functional understanding of federal/state regulations and compliance mandates, including but not limited to HIPAA, HITRUST, SOC, and other regulatory audits. MITRE ATT&CK experience in building threat detections, performing threat hunting and/or conducting incident response. Familiarity with enterprise logging technologies such as Splunk. Must have Business Continuity Plan and Disaster Recovery planning and testing experience. Five years minimum with below technologies or areas: Network Security: IDS/IPS, NGFW, NGAV Operating Systems: Windows, Linux, macOS. Security: EDR/XDR, SIEMs, Data Loss and Prevention (DLP), Vulnerability Scanning and Assessment tools.