Senior Security Analyst - SLM IT Team, Full-Time Days

Information Technology
Requisition # 0051366
The security analyst will be extensively involved with security event monitoring and with activities identifying, evaluating and reporting on information security that support risk posture. Investigate alerts generated by security controls. Implement and provide recommendations to improve the accuracy of detection capabilities. Develop and optimize incident response standards and procedures to increase the organization's cyber resiliency. Coach and mentor junior resources. Analyze the enterprise information security environment and recommend security measures to safeguard valuable information assets. Identify, evaluate, and report on information security risks. Collaborate with vendors and internal departments to develop and implement procedures. Collaborate with senior staff on strategic and tactical security guidance for all IS projects, including the evaluation and recommendation of technical controls. Monitor and maintain the wide security infrastructure and frameworks while analyzing, planning and making recommendations for changes to ensure consistency. Regularly evaluate and assess information security vulnerabilities, solutions, and organizational posture. Assist in developing cyber security standards and procedures related to logging, monitoring and response. Analyze requirements and make recommendations to optimize the performance of security controls. Collaborate with the network and technology support team to enhance and improve security processes and documentation. Stay current with security technologies and threats and make recommendations on business value. On a daily basis, assess new risks and mitigate them as they surface. Respond to IT security incidents, providing an initial assessment of impact severity and the types of incidents being addressed. Investigate any fraud and other computer issues. AA/EOE.
Required: Bachelor's degree and 6+ years of professional IT experience, including Cyber Security. Must have solid knowledge of Security Operation Center (SOC) and Computer Incident Response Teams (CIRTs). Demonstrated success leading and/or conducting security analysis, investigations and incident response. Demonstrated timely task completion involving solid organizational skills, task tracking, follow-up, and productive peer interaction. Working knowledge of protocols, network topologies, and perimeter security devices (proxies, IPS, IDS, firewalls and packet analyzers), network security design, and Rights Management Services. Working knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, ISO 27001 & 27002, ITIL). This includes: Applications and Systems Development Security, Security Management Practices, Access Control, Security Architecture and Modeling, Telecommunications, Network Security, Operations Security, and Physical Security Controls. Experience with and knowledge of one of the major SIEM technologies (LogRhythm / IBM QRadar / Splunk). Certification or courses: GIAC certifications, OSCP, Certified Ethical Hacker a plus. Experience in delivering formal presentations. Excellent verbal and written communication skills.

Northwestern Medicine is an affirmative action/equal opportunity employer and does not discriminate in hiring or employment on the basis of age, sex, race, color, religion, national origin, gender identity, veteran status, disability or sexual orientation.

Access to NMHC resources through this system is subject to the terms of the NORTHWESTERN MEMORIAL HEALTHCARE INFORMATION ACCESS AND CONFIDENTIALITY AGREEMENT. This system may be accessed and used by authorized personnel only. Authorized users may only perform authorized activities and may not exceed the limits of such authorization. Disclosure of information found in this system for any unauthorized use is strictly prohibited. All activities on this system are subject to monitoring.