• Information Security & Risk Analyst III

    Job Locations US-VA-Richmond
    Job ID
    2018-5199
  • About Us

    Don’t just find a job, find your WHY at a purpose-driven organization; discover a career at Virginia Premier.
    By blending quality benefits, affiliating with the world-renowned VCU Health System and offering career-advancing development programs, we allow our employees to focus on the meaningful work of improving and saving the lives of more than 200,000 people throughout the state of Virginia.
     
    At Virginia Premier, we are building an industry leading health care organization through dedicated teams that have heart, provide top-notch quality member services and embrace our mission of inspiring healthy living within the communities we serve. Our vision is to connect people to innovation, quality and affordable health care for all phases of life.
     
    If this sounds like you, read on!

    Overview

    Reporting to the Manager of IS Security and Risk, the Analyst III is a senior level analyst position that will be under moderate supervision and will be responsible for a broad scope of tasks, that will help strengthen the enterprise information security posture and ensure regulatory compliance such as HIPAA, NIST and/or Commonwealth of Virginia (VITA) standards. This role leans more towards an audit and compliance focused skill set.

     

    The Information Security Analyst III performs ongoing network security vulnerability assessments and provides solutions to mitigate security risks. This position will also work closely with other team members and management on a variety of tasks as assigned. This position will also train and work as a partner with VCU Health on various applications to provide Cybersecurity services for the Virginia Premier.

     

    The ideal candidate should be able to multitask and give equal attention to a variety of functions, while displaying excellent communications skills that includes the ability to provide formal documentation of analysis and/or research results to include briefings, reports, writing, training to all technical ability levels, and editing at a technical/professional level. The ideal individual will assist the IS manager in training and helping to develop junior team members.  The ideal candidate will also display a proven aptitude in solving problems independently and sound decision-making ability.

     

    Candidate must be detail oriented, well organized, thrive in a sense-of-urgency environment, leverage best practices, and most importantly, innovate through any problem with a can-do attitude. A familiarity of network applications and tools is essential.

     

    Responsibilities

    • Position will work closely work with other team members and management on a variety of assigned tasks.
    • Position will also work closely with VCU Information Security team on a variety of cybersecurity applications as the primary liaison from the Virginia Premier Information Security Team.
    • Responsible for helping lead vulnerability management program and providing advanced level knowledge of vulnerability scanning to business.
    • Responsible for continuous monitoring of emerging threats and develop appropriate response measures, keeping management and organization abreast of information discovered.
    • Position will participate in a rotating weekly on-call schedule with other team members.
    • Responsible for developing and on-going maintenance of information security awareness program.
    • Will work to ensure security controls in accordance with the Commonwealth of Virginia (VITA) and HIPAA compliance.
    • Responsible for performing and supporting security incident triage on all incidents to determine scope, urgency, and potential operational impact.
    • Will assist in development and monitors security metrics aligned to goal achievement
    • Ability to resolve all levels of issues regarding information systems security
    • Will assist in developing, publishing and maintaining company information security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
    • Leads evaluation IT systems involving software, hardware, configuration, and proposed changes to ensure IT security posture is in compliance with existing information security policies and regulations.
    • Will participate in preparation and facilitating enterprise change management activities.
    • Possesses ability to work in rapidly changing environment and desire to learn technologies as needed.
    • Team player required: must be able to interact with peers, management, and executives in a constantly evolving environment to ensure a positive customer experience and atmosphere in the workplace.
    • Other duties’ as this role evolves.

    Qualifications

    MINIMUM EDUCATION REQUIREMENTS

    • Bachelors Degree, in Business, Mathematics, or Information Systems, preferred, or relevant work experience in lieu of degree

    SPECIAL KNOWLEDGE AND/OR SKILLS

    • At least 3 years of information security experience is required.
    • Ability to be flexible, learn quickly and ability to multitask in a constantly changing workplace.
    • Excellent communication (oral, written, presentation), interpersonal and consultative skills.
    • Experience with assessing and implementing technical controls.
    • Experience with security tools such as but not limited to: network intrusion, file security, anti-virus, whitelisting, SIEM, vulnerability scanning and two-factor authentication applications.
    • Possesses a strong networking background.
    • Possessing strong analytical and problem solving skills.
    • Experience working in both on premise and cloud networked environment.
    • Experience with Windows operating systems and VMWare technologies.
    • Experience providing security awareness training with an enterprise is preferred.
    • The ability to derive meaningful reporting from team owned security applications to create custom executive reports for security reviews, auditing and project level work is essential.
    • Experience with contingency planning, business continuity and disaster recovery is a plus.

    WORK BACKGROUND/EXPERIENCE

    • 5 years of Information Technology experience preferred
    • Healthcare Information Technology experience is a plus.
    • Any Defense, Financial or Utility Information Technology industry experience is a plus.
    • Any industry standard security certifications is a plus.

    PHYSICAL REQUIREMENTS

    • Physical health sufficient to meet the ergonomic standards and demands of the position.

     

    All qualified applicants will receive consideration for employment without regard to age, race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or protected veteran status. EOE

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Need help finding the right job?

    We can recommend jobs specifically for you! Click here to get started.