Job Description
HealthPlanOne's mission is to help people find the right health insurance at the right price, so they live healthier lives. We are committed to making the shopping process simpler. Our mission has never been more important than it is today.
The Security Analyst will coordinate, develop, and evaluate security programs, ensuring they are effective and identifying any needs for additional resources. This role will also be responsible for completing limited phases of broad software development projects.
Duties/Responsibilities:
* Perform risk assessments and review of account permissions, computer data access needs, security violations, and programming changes
* Support the implementation of computer system security plans with HealthPlanOne personnel and outside vendors
* Develop plans to safeguard computer configuration and data files against accidental and unauthorized modification, destruction, or disclosure and to meet emergency data processing needs
* Modify and monitor computer configuration and data files to incorporate new software and virus protection systems, correct errors, or change individual access status
* Implement continuous automated security compliance capabilities
* Perform technical risk assessments and reviews of new and existing applications and systems, including data center physical security and environment
* Provide Incident Response (IR) support when analysis confirms actionable incidents:
* Participate in event investigation, incident response, and disaster recovery activities
* May assist in development and updates of information technology disaster recovery and business continuity planning
* Assists in forensic analysis and reporting
* Investigate security breaches and other alerts
* Assist in routine access and system auditing
* Work closely with a technical lead to discuss the security and related matters and suggest security related improvements
* Work with and audit security vendors' performance
* Stay current on information technology trends and security standards
* Research systems and procedures for the prevention, detection, containment, and correction of data security breaches
* Train users and promote security awareness to ensure system security and to improve application, server, and network efficiency
* Assist in the monitoring and tracking of technical vulnerabilities and associated remediation activities
* Assist in designing and deploying security applications and infrastructure program activities
* Assist in advising management and users regarding security configurations and procedures
* May assist in encrypting data transmissions and defining firewall configuration to protect confidential information in transit
* Security monitoring and Intrusion Detection (IDS)
* Perform daily review and validation of critical/high alerts and escalate accordingly. Perform weekly reviews of medium alerts and logs and create tickets for investigation or remediation based on team and availability
* Monitor systems and procedures to protect data systems and databases from unauthorized access
* Follow up on email security alerts and issues via O365 Security Center
* Performs other related duties as assigned
Required Skills/Abilities:
* Bachelor's degree in technology or related field
* 5 years IT or network security experience
* 2 years' experience working as a Systems Administrator
* 1 year experience as a Security Analyst or equivalent knowledge
* Solid understanding of data analysis and performance metrics
* Advanced skills in Microsoft Office products including MS Project and Visio
* Experience troubleshooting, debugging, and diagnostic skills in a complex IT environment
* Ability to create system documentation for ongoing system management
* Knowledge of JIRA and Service Now
* Working knowledge of web security best practices
* Must understand PCI, NIST, HITRUST requirements
* Experience analyzing Federal IT systems to evaluate for security compliance
* Knowledge of software engineering methodologies and basic system requirement identification and analysis
* Familiarity with O365 Admin and Security Centers
* Familiarity with Microsoft Azure
* Results driven with outstanding attention to detail
* Excellent written and oral communication skills
* High level of professionalism and discretion, dealing with sensitive information and in the midst of stressful engagements
Preferred Skills/Abilities:
* MBA, CISSP, or equivalent
* Experience with IDS/IPS, Network Security, Gateway Security, and Endpoint Security
* Experience responding to RFPs
* Experience maintaining IT Security Appliances (Firewall, Proxy, WAF, IDPS, SIEM)
Physical Requirements:
* Prolonged periods of sitting at a desk and working on a computer, typically in a cubicle environment (constant noise, fluorescent overhead lighting)
Our centers are consistent with CDC guidelines and align with local government orders pertaining to all Company physical locations in relation to COVID-19.
Equal Employment Opportunity (EEO) is a fundamental principle at HPOne, where employment is based upon personal capabilities and qualifications. HPOne does not discriminate because of actual or perceived sex, sexual orientation or preference, gender identity, gender, transgender, race, color, religion, national origin, creed, citizenship status, ancestry, age, marital status, pregnancy, childbirth or related medical conditions, medical conditions including genetic characteristics, mental or physical disability, military and veteran status, or any other protected characteristic as established by law. HPOne requires the necessary drug testing and background checks as part of our pre-employment practices. If you need assistance or an accommodation due to a disability, please contact us to request accommodation at accommodations@hpone.com
Compensation and Hours
Salary Range: Not Available Not Available Other Benefits: Not Available Type of Job: Regular
View what local employers are paying Security Management Specialists