E00443 – Security Analyst
Reporting to the Director of Infrastructure and Cloud Solutions, the Security Analyst participates in the identification, implementation, maintenance, and support of technologies designed to protect the confidentiality, integrity, or availability of RCA and affiliates’ information systems. Works with technical and non-technical staff to ensure that deployed technologies are effectively and efficiently providing the intended controls consistent with established policies and procedures. Where appropriate, trains and supports technical staff in RCA affiliated locations to deploy, manage, and support selected technologies.
- Manage and own IS Policies and procedures — ensuring they are current and in force
- Vulnerability Management: Closure and compensating controls
- Answer security assessments on behalf of the company from corporate customers
- Use SIEM and other tools to identify and resolve security threats in real-time
- Manage our corporate Phishing campaigns.
- Be the security liaison between IS and the organization for training and security awareness
- Partner with outside Security vendor to continually improve RCA’s security posture
- Facilitate annual HIPAA risk assessments in collaboration with the corporate compliance team
- A Minimum of 1-3 years’ experience with desktop, server, and network security administration in a mixed computing environment.
- Experience managing and supporting some or all of the following or similar information security technologies or processes:
- Anti-malware protection and analysis
- Web filtering and security
- Vulnerability scanning and management
- Encryption technologies for data at rest and data in transit
- Mobile device and removable media protection or management systems
- Authentication – including various forms of SSO and MFA
- Cloud application security
- Security Information and Event Management (SIEM) systems
- Interpreting Common Vulnerabilities and Exposures (CVE) data
- Data Loss Prevention (DLP)
- Familiarity with risk assessment and risk management concepts or processes.
- Working knowledge of various regulatory security requirements
- Ability to prioritize multiple tasks and be detail-oriented.
- Excellent communication, interpersonal skills.