Information Security Analyst

Profile

We are seeking an Information Security Analyst to join AcuSPHERE Data and Information Security (ADIS) Team. Our team strives to keep our networks and users safe from constantly emerging threats. As a critical part of this team, you will work with business leads, application developers, and system and network engineers to apply security best practices and solutions to protect proprietary information, sensitive healthcare data, and the overall network environment.

This position performs several core functions to support and monitor the company’s Information Security Program.

As an Information Security Analyst your primary responsibilities will include:

Security impact assessments

assess tools, applications, systems and infrastructures to ensure compliance with the latest government regulations and security best practices, and that established baselines are maintained,

assist with the design and execution of vulnerability assessments on applications, system designs and infrastructure, and security compliance assessments,

improve enterprise security architecture, designing and implementing remediation technologies, techniques, and processes,

Auditing and monitoring

design, integrate monitoring tools/capabilities with and maintain the SIEM application,

monitor information security alerts and collaborate with other technical teams to respond, triage, and escalate as needed. Alerts include logs from firewalls, IDS, OS, Antivirus, databases, web application firewalls, and web servers.

audit the system environment and provide actionable information pertaining to risk discovery and create and maintain complex event alerts and summary reports

coordinate and assist with responses and evidence collection for external audits,

Other duties as assigned (not limited to:)

draft information security policies, processes, and procedures, using security best practices, compliance requirements, and contractual obligations,

Develop and report key security metrics.

promote security awareness and practices throughout the company and provide support and guidance to employees with security questions and concerns,

Qualifications:

Bachelor’s degree in Computer Science, security, compliance, or related field

or

commensurate experience

2-5 years’ experience in the

data security principles needed to implement security controls and oversee data security practices

In-depth knowledge of the security assessment lifecycle

Experience with integrating security into development lifecycles and providing advice on secure product design

Good understanding of hacking techniques and defensive countermeasures

Have excellent organizational, analytical, and problem-solving skills

Strong interpersonal, oral and written communication skills and ability to advise IT system architects, technical project teams, and high-level business managers

Self-driven education to stay abreast of security developments and threats

Detail-focused, adherent to procedures

Proficiency in one or more programming languages (Python, Java, .NET)

SIEM experience – log aggregation and event notification tool

Strong Linux fundamentals preferred

Experience with Vulnerability Assessment tools and applications

Understanding of NIST, DISA STIG and CIS frameworks and security best practices

Preferred qualifications:

Proficiency in one or more programming languages (Python, Java, .NET)

SIEM experience – log aggregation and event notification tool

Strong Linux fundamentals preferred

Experience with Vulnerability Assessment tools and applications

Understanding of NIST, DISA STIG and CIS frameworks and security best practices

Any application without a cover letter will not be considered. We are excited to review your application and look forward to seeing how you may best contribute to our work.

All interviewing and on-boarding are done virtually due to COVID-19. This position will continue to work from home until it’s safe to return to office. When our offices re-open, this position will be required to work from the Burlingame office.

Job Location

Burlingame, California, United States

Company info

SPHERE Institute
Website : http://www.sphereinstitute.org/