Information Security Analyst

The Information Security Analyst serves as a specialist in the development, implementation and administration of internal security functions including maintaining security requirements.This role analyzes security policies, processes and procedures and verifies adherence to those controls.**Responsibilities**: Application Security Support- Web Application Security- Web Application Vulnerability Management- Assist with Bugcrowd investigation- Reviewing Threat Models- Review and update security procedures and document workflows as necessary- Auditing- Focus on security reviews, internal audits, and issue triaging- Vendor Audits (technical and administrative controls)- Conduct elevated account audits - Active Directory- Support current and future security operations**Required Qualifications**- 2+ years of experience working within information security.- Experience with information security technologies, such as: IDS/IPS, malware prevention, end-point protection, multi-factor authentication, security information and event management (SIEM), web content filtering, encryption, network access control (NAC), data loss prevention (DLP), firewall administration and vulnerability scanners.- Knowledge of LANs, WANs, SANs, Microsoft Active Directory, Microsoft Windows server and desktop operating systems, Linux operating systems, Microsoft IIS, Microsoft SQL, and Oracle.- Expertise in technology platforms, tools and processes used in the healthcare environment required.- Expertise of enterprise architecture, IT operations and security required.- Experience in performing log collection, correlation, and reviews of automated alerts for items such as, and not limited to: malware alerts, change detection alerts, and security system health alerts, exploit attempt alerts, etc.- Ability to work independently, document work performed daily and provide relevant updates to managers.- Excellent interpersonal, verbal, and written communication ability.- Excellent problem-solving ability.**Nice to Have**- 2+ years of experience working within information security.- Experience implementing and maintaining information security technologies, such as: IDS/IPS, malware prevention, end-point protection, multi-factor authentication, security information and event management (SIEM), web content filtering, encryption, network access control (NAC), data loss prevention (DLP), firewall administration and vulnerability scanners.- Knowledge of LANs, WANs, SANs, Microsoft Active Directory, Microsoft Windows server and desktop operating systems, Linux operating systems, Microsoft IIS, Microsoft SQL, and Oracle.- Expertise in technology platforms, tools and processes used in the healthcare environment required.- Expertise of enterprise architecture, IT operations and security required.- Experience with secure coding practices, ethical hacking and threat modeling- Experience with project management- In-depth knowledge of applicable laws and regulations as they relate to IT and healthcare required, including HIPAA, NIST, GLBA, ISO ***********, HITRUST and SOC 2 frameworks.- Demonstrate the initiative to continuously stay apprised of emerging security threats and the general information security landscape.- Experience in performing log collection, correlation, and reviews of automated alerts for items such as, and not limited to: malware alerts, change detection alerts, and security system health alerts, exploit attempt alerts, etc.Tipo de puesto: Tiempo completo, Por tiempo indeterminadoSalario: $40,****** - $50,****** al mesSchedule:- Turno de 8 horasIdioma:- Inglés (Obligatorio)