I.S. Security Analyst

Yakima, WA

Applications have closed

YVFWC

Community Health org in the Pacific Northwest

View company page

In accordance with the State mandate, all candidates must be or become fully vaccinated against Covid-19. Valid medical and religious exemptions will be considered.

This position works with the Information Services (IS) Security Manager to ensure that security requirements are in place to protect the organization's mission and business processes. Responsible for day-to-day operations, monitoring, and maintenance of in-place security solutions. Manages detected security related events or audits as required. Ensures compliance with the organization's security goals and regulatory obligations. Participates in the design of the security strategy and plan.

This position is remote 4 days/week with 1 day/week on-site in Toppenish, WA.  Relocation allowance is available for those outside the area who are open to relocating to the Yakima Valley region in Washington state. 

This position is not eligible for Visa sponsorship.

What we offer

  • $72,000 - $100,000 salary DOE, with ability to go higher for highly experienced candidates.
  • Relocation allowance.
  • 100% employer-paid health insurance for employees including Medical, Dental, Vision, Rx, 24/7 telemedicine; profit sharing, 403(b) retirement plan, generous paid time off, paid holidays, and more

Essential Functions/Responsibilities/Duties

  • Operates, monitors, and maintains security controls and solutions including ensuring proper configuration to allow maximum protection while maintaining user availability of appropriate resources.
  • Serves as the Subject Matter Expert (SME) for security best practices and associated regulatory requirements and assists Network and Systems Engineers in designing architecture to ensure proper protections are in place.
  • Performs the identification, investigation, and resolution of security-related events including audits and potential breaches. Ensures that proper investigative protocol is followed to ensure evidence integrity and legal permissibility. Ensures proper root-cause analysis and future mitigation is completed.
  • Creates and maintains security policies, standards, guidelines and procedures incorporating industry best-practices.
  • Maintains a security program that aligns with department and organizational strategic goals and incorporates the enterprise risk framework.
  • Maintains the IS Business Contingency/Disaster Recovery plan under direction of manager. Participates in the security, risk, and disaster recovery procedure testing including table-top discussions, live tests, and event scenarios.
  • Proactively monitors and analyzes the security systems infrastructure and logs. Performs regular capacity planning and performance tuning/configuration management. Recommends improvements to provide better confidentiality, integrity, and availability of systems.
  • Performs periodic and as-needed security risk analyses, tracks gaps, and makes recommendations for mitigation to ensure compliance with regulatory requirements and industry best-practices. Conducts vulnerability audits and assessments ensuring that results are tracked, reported, and mitigated.
  • Participates in security group meetings, including scheduling, managing discussion topics, actions items, and follow-up.
  • Creates communication materials and training for IS personnel and end-users, including security awareness posters, corporate orientation materials, intranet articles, in-person classes, and annual training.
  • Conducts research on new enterprise security solutions, services, and standards, evaluating them for their applicability to the department and organization and makes recommendations for adoption.
  • Works with manager to recommend, coordinate, test, and implement key process improvements as they relate to any new or existing equipment, hardware, or software.
  • Ensures maintenance of security infrastructure documentation and technical specifications on all security-related systems and processes.
  • Provides reports for senior IS management as required for presentation to organizational leadership.
  • May have duties related to Epic Security that include attendance at governance committee meetings and the Security Advisory Board. Designs the access and identity management maintenance program. Coordinates and facilitates significant user and/or Provider security modifications and additions.
  • May require periodic travel by automobile to various YVFWC sites located across our service regions (Washington and Oregon) to engage with business partners and provide IS support as needed.

Qualifications

  • Education: Bachelor’s Degree in Information Assurance, Cybersecurity or Information Technology. Four years' experience in security design, maintenance and implementation may be substituted for the required education. 
  • Required Experience:
    • With a Bachelor's degree in a relevant field, 2 years' experience as a Security Analyst, Systems Analyst, and/or Systems Engineer, and securing web-based environments.
    • With an Associate's Degree, 4 years of experience as a Security Analyst, Systems Analyst, and/or Systems Engineer, and securing web-based environments.
    • With a high school diploma/GED, 6 years of experience as a Security Analyst, Systems Analyst, and/or Systems Engineer, and securing web-based environments. 
  • Preferred Experience:
    • Two years' experience in an I.S. security role in a healthcare environment preferred.
    • Experience working in a highly regulated environment with Health Insurance Portability and Accountability Act (HIPAA) and/or Criminal Justice Information Service (CJIS) governance preferred. 
  • Professional Licenses/Certificates/Registration: Epic certification may be required if overseeing the Epic application. IT Security Implementation/Investigation related certifications such as CISSP or GSE highly preferred. Valid Driver’s License and proof of automobile liability insurance coverage.
  • Knowledge/Skills/Abilities Required or Preferred: Knowledge of industry trends in security in a corporate environment. Knowledge of security fundamentals related to networking environments. Knowledge of proper security event investigative protocol. Knowledge of security governance concepts and practices and their applications inside an organization. Knowledge of Microsoft Windows Active Directory and Unix server environments. Knowledge of disaster recovery best practices. Effective project management capability throughout the project lifecycle of planning, organizing, managing, and finalizing outcomes. Ability to prioritize and execute tasks in a fast paced environment. Ability to analyze and conduct in-depth research into IS related security events for root-cause analysis. Strong listening and verbal communication and interpersonal skills. Ability to work in a team-oriented, collaborative environment. Intermediate proficiency with a variety of computer programs including Microsoft Outlook, Word, Excel and PowerPoint.

About YVFWC

We serve more than 181,000 patients across 25 medical clinics, 14 dental clinics, 10 pharmacies, and 64 program sites in Washington State and Oregon. We are Level 3 Certified as a Patient-Centered Medical Home (PCMH). With integrated services including medical, dental, pharmacy, orthodontia, primary care nutritional counseling, autism screening, and primary care behavioral health, YVFWC’s patient-centered model of care offers patients the full spectrum of care and shelter assistance, energy assistance, weatherization, HIV and AIDS counseling and testing, home visits, and four mobile medical/dental clinics.

Working at YVFWC

Working in our organization means being the passionate champion for those who have no voice. It means having the opportunity to work with underserved populations and with peers committed to the same work.

At Farm Workers Clinic

  • We will consistently trust one another to work for the common good.
  • We will foster integrity by demonstrating ethical behavior and insisting on doing what we say we will do.
  • We will demonstrate transparency by being candid and truthful no matter the risk.
  • We will create partnerships to strengthen ourselves and our community.
  • We will fight for just treatment for all individuals.
  • We will let joy in.
  • We have the courage to be an agent of change and refuse anything short of excellence.

Our mission celebrates diversity. We are committed to equal opportunity employment

Tags: Active Directory Audits CISSP Compliance Driver’s license Governance HIPAA Monitoring Security strategy Strategy UNIX Windows

Perks/benefits: Flex vacation Health care Relocation support Team events

Regions: Remote/Anywhere North America
Country: United States
Job stats:  351  22  0
Category: Analyst Jobs

More jobs like this

Explore more InfoSec / Cybersecurity career opportunities

Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.