IT Security Analyst

Overview

The I.T. Security Analyst will be responsible for: managing Security, Identity and Access Management solutions; identifying security risks, assisting with the development of general security standards; and ensuring compliance with requirements of external security audits & recommendations.

• Lead the development of Identity Access Management (IAM) governance program for the enterprise.
• Plan and oversee multiple IAM work streams (e.g., authentication, SSO/MFA, PAM, IGA, EIAM), ensuring delivery, compliance, and audit readiness.
• Coordinate with IT Security, IT, audit, and business teams to align IAM initiatives with organizational goals and regulatory requirements.
• Monitors security system logs (i.e., Intrusion Detection System (IDS), Web Application Firewall (WAF), Office
  365, Firewall system logs, etc.) and responds to discovered anomalies or problems.
• Analyzes, troubleshoots, and corrects security-related problems.
• Is a subject matter expert for the identification and selection process of security tool needs; assists in the design, integration, and installation of the selected hardware / software solution.
• Keeps fully abreast of trends and changing technologies related to information security fields.
• Investigates IT security violations, known vulnerabilities, and data breaches.
• Performs vulnerability assessments; conducts compliance activities in response to internal & external audits.
• Performs security research & vendor evaluations at the direction of the CISO; participates in the testing and implementation of security solutions.
• Enforces security policies and standards.
• Acts as interface with and liaison to business, Service Desk and IT application owners; ensures applications, infrastructure components, and access are appropriately assessed.
• Executes security incident response procedures in accordance with threat levels.
• Communicates effectively (both written and verbal).
• Manages multiple priorities and follows a project plan to meet project deliverables.
• Provides security guidance to other support teams.
• Develops security knowledge articles on relevant topics.
• Updates IT Security Policies and Procedures as needed.
• Employees may perform other duties as assigned.

• May be required to supervise 3rd party service providers and consultants.

• Bachelor's Degree strongly preferred. Master's level degree a plus.
• 5+ years' experience in information technology.
• Project management experience required.
• Recent direct experience working within an information security function.
• Direct experience managing one or more of the following:
  Identity and Access Management;
  Single Sign-on, SSL & PKI, LDAP, Active Directory, Entra , and Power Shell. Experience with firewalls a plus.
• Experience working in an organization that provided exposure across multiple IT functional areas (i.e., infrastructure, networking, security, data management, and application development).
• Experience with HIPAA, GDPR, NIST and PCI compliance requirements required. HIPAA, NIST, GDPR and PCI certifications a plus.

• Demonstrate strong analytical, critical thinking and problem-solving skills.
• Demonstrate strong presentation, verbal and written communication skills.
• Ability to work across organization boundaries and create solid alignments.
• Ability to maintain professionalism when interacting with internal and external customers.
• Proficient at handling difficult situations and human relations issues with professionalism and respect.
• Ability to self-motivate, set goals and meet deadlines.
• Demonstrate strong organizational skills and be detail oriented as required.
• Ability to prioritize and multi-task in a fast paced, changing environment.
• Ability to stay current on newest technology and industry trends.
• Proficient personal computer skills.
• Commitment and adherence to Joint Commission’s Core Values.

• Certified Information Security Systems Professional (CISSP), Security+, Identity and Access Administrator Associate or Certified Information Security Manager (CISM) or equivalent certification preferred.
• Project Management experience required. PMP or Project+ certification a plus.
• IT Infrastructure Library (ITIL) and/or Microsoft Operations Framework (MOF) Essentials Certifications preferred.

Ability to travel as needed, up to 10%.

• Adaptability - Maintaining effectiveness when experiencing major changes in work responsibilities or environment (e.g., people, processes, structure, or culture); adjusting effectively to change by exploring the benefits, trying new approaches, and collaborating with others to make the change successful.
• Communication - Conveying information and ideas clearly and concisely to individuals or groups in an engaging manner that helps them understand and retain the message; listening actively to others.
• Continuous Learning - Actively identifying new areas for learning; regularly creating and taking advantage of learning…