The Information Security Analyst II provides support for various components of the Medical Center's information security program. This includes safeguarding the organization against computer viruses, worms, spyware, malware, intrusion/unauthorized access, denial-of-service attacks, and attacks by hackers. The Information Security Analyst II also monitors, analyzes and investigates security alerts and helps execute threat responses and makes recommendations for improvements. Works with end users to determine needs of individual departments. Implements policies or procedures and tracks compliance throughout the organization. Under general supervision, the Information Security Analyst II supports the company's information security posture and performs various duties primarily focused on protecting the information assets and security posture of Torrance Memorial.
|
Core Competencies | |
- Establishes system controls by developing framework for controls and levels of access; recommends improvements.
| |
- Ensures authorized access by investigating improper access; revoking access; reporting violations; monitoring of alerts, logs, and security reports.
| |
- Plans, implements and upgrades security measures and controls.
| |
- Establishes plans and protocols to protect data and information systems against unauthorized access, modification and/or destruction.
| |
- Leads remediation efforts to address vulnerabilities and information security risks in a timely manner.
| |
- Monitors and maintains security systems and firewalls, logs, applications, and related reporting, and alerts.
| |
- Monitors, maintains, and creates meaningful security related metrics that measure performance, vulnerabilities, statistical improvements/declines, and relative environmental factors, anomalies, risks, and compliance measures.
| |
- Defines, implements, and maintains corporate security policies and procedures, and develops operational documentation and processes.
| |
- Conducts research in emerging technologies and participates in the evaluation of technologies that align with business goals, reduces costs and improves reliability, scalability and security.
| |
- Educates medical center staff in security awareness and procedures.
| |
- Completes projects and tasks associated with security monitoring, detection, incident response, audits, and security program initiatives.
| |
- Investigates intrusion attempts, security incidents, malware infections, exploit attempts, and internet usage anomalies.
| |
- Produces reports on intrusion activities, security incidents, and other threat indications and alerts.
| |
- Creates newsletters and articulates threats/alerts to all levels of the organization.
| |
Education |
| Degree | Program |
| Bachelors | N/A |
| Additional Information |
| Bachelor's degree in Computer Science, Mathematics, Statistics, or Business OR five years of work experience in an information technology analyst role. |
Experience |
| Number of Years Experience | Type of Experience |
| 3 | IT Security Analyst position in healthcare |
| Additional Information |
| Experience with Incident Response, Firewall management, Email security, Security Awareness Program support / administration, Endpoint security tools, vulnerability management. |
License / Certification Requirements |
| SANS/GIAC Certification, or CISM or CISSP, or CISA |
Compensation Range $50.05 - $83.93 / Hour |
