The UPIC Enterprise Security Analyst is responsible for assisting with enterprise-wide project planning and documentation of UPIC Enterprise Security projects and processes and ensures computer/data security requirements, regulations and standards within the UPIC IT Division and the Enterprise as a whole, are being met and adhered to. This position is responsible for coordinating and ensuring IT computer/data security requirements within UPIC are being adhered to. The incumbent will perform auditing, logging, and monitoring on all systems. This position will perform security guidance and manage audits.
Security Control Framework: Assists in developing and maintaining security control framework, which includes security policies, standards and guidelines. Ensures proper security measures, reports, and audit trails are in place. Works with other departments to provide guidance based on regulations, policy, and procedures for implementation of appropriate security controls. Works with IS Management and staff to resolve security incidents. Identifies security incidents to System Security Officer in a timely manner.
Security Reporting: Develops security reports, reviews, and report security incidents to compliance department, system security officers, Chief Information Officer and/or other appropriate individuals in a timely and accurate manner.
Audits and Security Plans: Provides assistance during company audits and supports in maintaining security plans as required. Designs, develops, and maintains audit reporting programs and applications. Designs, develops, and maintains computer assisted audit techniques. Develops technical detail and management summary reports.
Threats and Vulnerabilities: Assists in remediation efforts by identifying, rating and mitigating threats and vulnerabilities. Assists in incident handling for Computer Incident Response Team (CIRT) and assists with forensic analysis as needed.
Professional Knowledge: Maintains knowledge of government regulations and security best practices including applicable standards, laws, rules and regulations. Maintains thorough knowledge of any regulations and disciplines that affect UPIC’s information security. Participates as the Information Services representative.
Projects and Implementations: Assists with departmental and Enterprise project planning and implementation for security compliance and security initiatives.
|Requirements||JOB SPECIFIC COMPETENCIES
Field and Technical Knowledge: Maintains up-to-date understanding of technical and security issues in field; ability to use technical understanding to assist staff; extracts and applies core concepts to problem solving.
Attention to Detail: Thoroughness in accomplishing a task through concern for all the areas involved, no matter how small; monitors and checks work or information and plans and organizes time and resources efficiently.
Technical Support: Ability to make suggestions for technical or security modifications to prevent future problems.
Communication: Clearly conveys and receives information and ideas through a variety of media to all appropriate parties in a clear, concise and timely manner.
Initiative: Takes action without being asked or required to; is proactive and prompt in action to accomplish objectives. Leads the analysis of system and application logs to find security violations, vulnerabilities, and abnormalities.
Constant Innovation: Seizes opportunities to advance progressive change.
Service Excellence: Provides value through quality service.
Responsible Stewardship: Manages all resources entrusted to them with efficiency and care.
Effective Collaboration: Works together towards a common purpose.
Integrity: Does the right thing
EDUCATION AND EXPERIENCE REQUIREMENTS
Education Details: Associate’s degree in Security, IT, or related field required. Bachelor’s degree preferred.
Experience Details: Minimum of 3 year experience within security or IT is required.
Equivalent combination of education, experience or training determined to be acceptable by Human Resources may be substituted, unless regulated by contract or program standards
Job Posting Policy 6.05
New employees with Noridian Healthcare Solutions will be eligible to apply for positions within their assigned department after successfully completing a 90-day review. For positions outside your department, you must attain a minimum of six months of service before you can apply.
Equal Employment Opportunity
For questions, please email firstname.lastname@example.org.
This job posting will be closed 12/29/2017 at 8:00AM CST. No further applications will be considered.