Senior Security Analyst

Job Responsibilities
GEHA is an Equal Opportunity Employer M/F/Disability/Vet with six locations in the Kansas City metropolitan area. Our company’s corporate headquarters is located in Lee’s Summit near Douglas Rd and I-470. The claims processing office and call center is located in Independence near Little Blue Parkway and I-70. All offices are easily accessible by freeway from anywhere in the Kansas City metro area.

Open Positions: 1
Location: Lee’s Summit-201, MO

Contributes to the Cybersecurity and Enterprise Risk department’s efforts to protect the confidentiality, integrity and availability of customers, employees, and the organization’s information assets in compliance with organizational policies, procedures, standards, laws, and regulations.

• Utilizes, manages and administers security related functions and solutions including, but not limited to, firewalls, intrusion detection systems, two-factor authentication systems, antivirus systems, secure email gateway appliances, web filtering proxy, security information and event management (SIEM) platforms, data loss prevention, vulnerability detection, content filtering and identity and access management.

• Collects and analyzes security information and event management (SIEM) data to identify malicious threats, inappropriate activities, or any events that could potentially impact the confidentiality, integrity and availability of the organization’s information systems and assets.

• Responds to security incidents including collection of evidence, analysis, and resolution efforts.

• Evaluates and provides recommendations related to the security aspects of the organization’s information products, system configuration, and documentation.

• Participates in providing security related training to all levels of the organization’s staff.

• Participates in internal and external audit support activities. Performs activities to resolve open audit issues.

• Participates in the continuous monitoring activities of the organization that are in effort to comply with information security controls, procedures, and policies. Develops, directs and manages information security and control assessments.

• Works closely with the organization’s Information Technology teams to secure the information technology infrastructure, improve service delivery, and increase productivity.

• Participates in the organization’s disaster recovery and business continuity efforts including preparation and maintenance of plans, risk assessment, and testing. Assists with the identification and classification of information assets.

• Recommends security tools, activities, and procedural changes to enhance the efforts of the Cybersecurity and Enterprise Risk team. Identifies opportunities to automate or streamline current processes.

• Creates and maintains security documentation in support of team responsibilities, including but not limited to business continuity, security assessments, vulnerability management, remediation activities, procedures, training, and metrics. Prepares ad-hoc reports in support of various initiatives.

• Supports management efforts to deliver a secure information processing environment for the organization. Participates in the organization’s SDLC and project management process to identify potential security concerns and control issues.

Education Requirements
Requires a 4-year degree (120 Credit hours) in Computer Science, Information Systems, or related discipline. Additional years of qualifying work experience may be considered in lieu of formal education.

Experience Requirements
Requires 5 years of IT Security experience. Must have one or more of the following security certifications: CISSP, CISA, GIAC or related security certifications. Requires working knowledge of IP networks, firewalls, and Active Directory, Mobile Device Management, Citrix, Splunk, Microsoft SQL, encryption and virtual computing environment experience a plus (e.g., VMWare). Must have experience with daily security activities such as log review, incident response, disaster recovery, security assessments, and vulnerability management. Must be customer service focused, organized, detail oriented, analytical, able to multitask. Requires effective verbal and written communication skills to interface with management and employees.


Leave a Reply