Sr. Information Security Analyst
JPS Health Network · Fort Worth, TX · 2 days ago
Information TechnologyFull-time
Job Summary
The Senior Information Security Analyst assists with the planning, implementation, and maintenance of the District’s information security program including security administration, security operations, risk management, education, policy/procedure development, and other required duties.
Essential Job Functions & Accountabilities
- Controls the addition and modification of user identifiers, user credentials, or other object identifiers.
- Performs access reviews of network and application user accounts.
- Performs tests on backup media for information integrity, as necessary.
- Coincides cybersecurity incident response activities with interested personnel and affected parties.
- Responds to triage alerts from security systems in a timely manner.
- Periodically test the cybersecurity incident response plan and related procedures.
- Compiles event logs from Security Incident Event Manager (SIEM) and other components into a system-wide, time-correlated audit trail.
- Establishes and maintains logging and monitoring operations.
- Identifies potential cybersecurity events in SIEM and audit logs.
- Includes incident alert thresholds in continuous security alert monitoring procedures.
- Maintains systems for inappropriate usage and other security violations.
- Reviews SIEM event logs, Intrusion Detection System reports, security incident tracking reports, vulnerability scan reports, and other security logs regularly.
- Establishes and maintains a data security awareness program.
- Evaluates the effectiveness of end-user information security training via email phishing and other campaigns.
- Provides end-user information security training via multiple platforms (newsletters, videos, in-person discussion, et. al.).
- Conducts periodic phishing simulations of the workforce.
- Develops and monitors key performance indicators (KPIs) to ensure the effectiveness of the information security program.
- Develops, implements, and maintains information security standards, policies, and procedures in accordance with established information security governance frameworks and regulations (NIST, HIPAA, et. al.).
Qualifications
- Required: Bachelor’s Degree from an accredited college or university. AND Three (3) years working as a privacy-security compliance specialist, information security specialist, or information technology auditor. OR Seven (7) years working as a privacy-security compliance specialist, information security specialist, or information technology auditor.
- PREFERRED: Bachelor’s Degree in Information Technology, Information Security, or related field(s) of study from an accredited college or university; and Two (2) years working as a privacy-security compliance specialist, information security specialist, or information technology auditor in a healthcare environment. One (1) year in a senior or team lead role.
- One (or more) of the following certifications: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), CompTIA Security+, CompTIA Cybersecurity Analyst (CySA+), CompTIA Advanced Security Practitioner (CASP+), SANS GIAC Security Essentials (GSEC), Certified in Risk and Information Security Controls (CRISC).