Complete Health
Sr Information Security Analyst Job at Complete Health in Jacksonville
Complete Health, Jacksonville, FL, US
SUMMARY OF JOB DUTIES:

The Senior Information Security Analyst is responsible for safeguarding the organization's digital assets and protecting sensitive data from cyber threats. This role involves monitoring, identifying, analyzing, and responding to security incidents, as well as proactively implementing measures to prevent breaches. The Senior Analyst will collaborate with cross-functional teams, provide guidance on security best practices, and support the continuous improvement of the organization's security posture. This role also includes mentoring junior team members and ensuring adherence to regulatory and compliance standards. In addition, this role will reduce the server footprint and unnecessary IT overhead, along with the associated labor and cost.

ESSENTIAL JOB FUNCTIONS:

Threat Detection and Response: Monitor security alerts, analyze threat intelligence, and respond to potential incidents. Investigate security incidents and perform root cause analysis, documenting findings and recommendations. Develop and maintain incident response playbooks, ensuring effective and timely responses.

Vulnerability Management: Conduct regular vulnerability assessments and work with teams to remediate identified issues. Manage and monitor security patching processes across critical systems. Continuously assess security posture to identify potential weaknesses.

Security Operations and Monitoring: Oversee security monitoring systems, including SIEM, intrusion detection/prevention systems, firewalls, and endpoint protection tools. Perform regular log analysis and maintain security baselines for systems and applications. Optimize and refine security alerts to improve detection accuracy and reduce false positives.

Compliance and Risk Management: Support compliance with regulatory standards such as HIPAA and NIST. Conduct risk assessments and provide recommendations to mitigate identified risks. Ensure the organization's policies and procedures align with industry security standards and best practices.

Collaboration and Communication: Work with other departments to ensure security controls are integrated into business processes. Communicate effectively with stakeholders, providing clear explanations of security incidents, vulnerabilities, and recommendations. Provide training and mentoring to junior analysts on threat detection, analysis, and incident response.

Documentation and Reporting: Maintain accurate and up-to-date documentation of security incidents, investigations, and response activities. Generate reports on security incidents, compliance audits, and vulnerability management for leadership review. Prepare executive-level summaries highlighting the security status and ongoing risks to the organization.

MINIMUM REQUIREMENTS:

Education: Bachelor's degree in Information Security, Computer Science, or related field. Equivalent experience may be considered in lieu of a degree.

Experience: 5 years of experience in Information Security, with a focus on security operations, incident response, and vulnerability management. Proven experience with SIEM tools, firewalls, endpoint protection, and other security technologies.

Technical Skills: Strong knowledge of security tools, including SIEM, IDS/IPS, and endpoint protection systems. Familiarity with regulatory requirements and frameworks (e.g., HIPAA, HITRUST, NIST).

Analytical Skills: Strong problem-solving skills and ability to analyze security incidents with attention to detail.

Communication Skills: Excellent written and verbal communication skills, with the ability to convey technical security concepts to non-technical audiences.

Interpersonal Skills: Ability to work effectively with cross-functional teams, providing guidance and fostering a collaborative approach to security.