Senior Security Analyst
Chicago, IL, United States
Applications have closed
Northwestern Memorial Healthcare
Northwestern Medicine is a leader in quality healthcare and service, bringing together faculty, physicians and researchers to support and advance that care through leading-edge treatments and breakthrough discoveries.
Company Description
At Northwestern Medicine, every patient interaction makes a difference in cultivating a positive workplace. This patient-first approach is what sets us apart as a leader in the healthcare industry. As an integral part of our team, you'll have the opportunity to join our quest for better healthcare, no matter where you work within the Northwestern Medicine system. At Northwestern Medicine, we pride ourselves on providing competitive benefits: from tuition reimbursement and loan forgiveness to 401(k) matching and lifecycle benefits, we take care of our employees. Ready to join our quest for better?
Job Description
The Senior Security Analyst reflects the mission, vision, and values of NM, adheres to the organization's Code of Ethics and Corporate Compliance Program, and complies with all relevant policies, procedures, guidelines and all other regulatory and accreditation standards.
The security analyst will be extensively involved in security event monitoring and in activities that identify, evaluate and report on information security in support of risk posture.
Responsibilities:
- Investigate alerts generated by security controls. Implement/provide recommendations to improve detection capability accuracy.
- Develop/optimize incident response standards and procedures to increase the organization's cyber resiliency. Coach and mentor junior resources.
- Analyze the enterprise information security environment and recommend security measures to safeguard valuable information assets.
- Identify, evaluate, and report on information security risks.
- Collaborate with vendors and internal departments to develop and implement procedures.
- Collaborate with senior staff on strategic and tactical security guidance for all IS projects, including the evaluation and recommendation of technical controls.
- Monitor and maintain the wide security infrastructure and frameworks while analyzing, planning and making recommendations for changes to ensure consistency.
- Regularly evaluate and assess information security vulnerabilities, solutions, and organizational posture.
- Assist in developing cyber security standards and procedures related to logging, monitoring and response.
- Analyze requirements and make recommendations to optimize performance of security controls.
- Collaborate with network and technology support team to enhance and improve security processes and documentation.
- Stay current with security technologies and threats and make recommendations on business value.
- On a daily basis, assess new risks and mitigate as they surface.
- Respond to IT security incidents, providing initial assessment of impact severity and types of incidents being addressed.
- Investigate any fraud and other computer issues.
AA/EOE.
Qualifications
Required:
- Bachelor's degree or equivalent work experience
- 6+ years of professional IT experience, including Cyber Security
- Must have solid knowledge of Security Operation Center (SOC), Computer Incident Response Teams (CIRTs) and Risk Management in the cyber security context.
- Demonstrated success leading and/or conducting security analysis, investigations and incident response.
- Demonstrated timely task completion involving solid organizational skills, task tracking, follow-up, and productive peer interaction.
- Working knowledge of the following subjects:
  - Network (protocols, topologies)
  - Security controls (proxies, IPS, IDS, Firewall and packet analyzers)
  - Systems (Windows, Linux/UNIX)
  - Software development (development / scripting languages)
  - Incident Response
  - Threat and Vulnerability Management
- Working knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, ISO 27001 & 27002, ITIL). This includes:
  - Applications and Systems Development Security
  - Security Management Practices
  - Access Control
  - Security Architecture and Modeling
  - Telecommunications
  - Network Security
  - Operations Security
  - Physical Security Controls
- Experience and knowledge of one of the major SIEM technologies (LogRhythm/IBM QRadar/Splunk).
- Excellent problem-solving skills
- Experience in delivering formal presentations
- Excellent verbal and written communication skills
Preferred:
- Certification or courses: GIAC certifications, OSCP, Associate of (ISC)²/CISSP, GSEC, GCWN, GCED or Certified Ethical Hacker a plus
Additional Information
Northwestern Medicine is an affirmative action/equal opportunity employer and does not discriminate in hiring or employment on the basis of age, sex, race, color, religion, national origin, gender identity, veteran status, disability, sexual orientation or any other protected status.
Tags: CISSP Compliance Firewalls GCED GIAC Governance GSEC HIPAA IDS Incident response IPS ISO 27001 ITIL Linux LogRhythm Monitoring Network security NIST OSCP QRadar Risk management Scripting Security analysis SIEM SOC Splunk UNIX Vulnerabilities Vulnerability management Windows
Perks/benefits: Career development