MetroPlusHealth

IT Security Ops Analyst

MetroPlusHealth, New York, New York, US, 10261


Empower. Unite. Care.

MetroPlusHealth is committed to empowering New Yorkers by uniting communities through care. We believe that health care is a right, not a privilege. If you have compassion and a collaborative spirit, work with us. You can come to work being proud of what you do every day.

About NYC Health + Hospitals

MetroPlus Health provides the highest quality healthcare services to residents of Bronx, Brooklyn, Manhattan, Queens and Staten Island through a comprehensive list of products, including, but not limited to, New York State Medicaid Managed Care, Medicare, Child Health Plus, Exchange, Partnership in Care, MetroPlus Gold, Essential Plan, etc. As a wholly-owned subsidiary of NYC Health + Hospitals, the largest public health system in the United States, MetroPlus Health network includes over 27,000 primary care providers, specialists and participating clinics. For more than 30 years, MetroPlus Health has been committed to building strong relationships with its members and providers to enable New Yorkers to live their healthiest life.

Position Overview

The IT Security Operations Analyst is responsible for the day-to-day operations of all MetroPlus Health security monitoring systems. Additionally, this role will oversee the identification, investigation, and resolution of security incidents/threats. The IT Security Operations Analyst will be involved in the implementation of new security solutions, as well as participate in the creation and maintenance of security policies, procedures, standards, baselines, and guidelines. The IT Security Operations Analyst will be expected to remain apprised of the enterprise's security goals as established by its stated policies, procedures, and guidelines, and to actively work towards upholding those goals.

Job Description

Strategy & Planning

Participate in the planning and design of enterprise security architecture, under the direction of the Director of IT Security Operations.
Participate in the creation of enterprise security documents (policies, procedures, standards, baselines, and guidelines) under the direction of the Director of IT Security Operations.
Serve as project lead for IT Security initiatives by documenting project plan, implementation, and outcome.

Acquisition & Deployment

Research the latest information security industry trends, including awareness of new or revised security solutions, improved security processes, and the emergence of new attacks and threat vectors.
Recommend security enhancements to IT Security management.
Perform deployment, integration, and initial configuration of new IT Security solutions and of any enhancements to existing IT Security solutions, in accordance with industry-standard best operating procedures and the enterprise's security documents.

Operational Management

Monitor MetroPlus Health security systems to ensure efficient and effective operation.
Review logs and reports for all MetroPlus Health devices, whether they be under direct control (i.e., security tools) or not (e.g., workstations, servers, network devices).
Interpret the implications of any reported activity, and devise plans for appropriate response and resolution.
Monitor for security breaches and investigate when a violation occurs.
Participate in the design and execution of vulnerability assessments, penetration tests, and security audits.
Provide on-call support for end users for all MetroPlus Health security systems.

Minimum Qualifications

Bachelor's Degree required, with a preference for Cybersecurity or similar area of study; and
Minimum 5 years of experience in IT Security Operations; or
Associate's Degree required, with a preference for Cybersecurity or similar area of study; and
Minimum 7 years of experience in IT Security Operations.
Demonstrated ability to identify threats and understand the workflows associated with investigating security events and incidents.
In-depth knowledge of systems, applications, and systems forensics.
Strong knowledge of threat intelligence.
An understanding of various coding languages.
Thorough understanding of computer-related security systems including firewalls, encryption, password protection, and authentication.
Experience with SIEM platforms.
Working technical knowledge of Advanced Threat Protection tools such as CrowdStrike, Trellix, etc.
Strong understanding of network protocols, architecture, and administration.

Licensure and/or Certification Preferred

One or more of the following certifications or exams are preferred but not required

ISC2

CISSP: Certified Information Systems Security Professional
SSCP: Systems Security Certified Practitioner
CCFP: Certified Cyber Forensics Professional

CompTIA

CompTIA Security+
CompTIA CySA+

GIAC

GSEC: GIAC Security Essentials Certification
GCFE: GIAC Certified Forensic Examiner
GCIH: GIAC Certified Incident Handler

Microsoft

Microsoft 365 Certified: Security Administrator Associate
Microsoft Certified: Security Operations Analyst Associate
Microsoft Certified: Azure Security Engineer Associate
Exam MS-500: Microsoft 365 Security Administration
Exam SC-200: Microsoft Security Operations Analyst
Exam AZ-101: Microsoft Azure Integration and Security

Professional Competencies

Demonstrated problem-solving and analytical skills.
Strong documentation skills.
Effective communication skills - both written and verbal.