IT Security Analyst II

Houston Methodist (HM)
Houston, Texas
  • Job Type
    Employee
  • Job Status
    Full Time
  • Shift
    1st Shift
  • Jobs Rated
    8th

JOB SUMMARY

Under the leadership of the Director of Information Security, the primary function of the Security Analyst is to identify security issues, involves in the development of security architecture solutions, and implementation plans.  Researches and deploys new technologies. Develops and documents security policy.  Perform security audits and risk assessments.  Experience with security threats and security tools to mitigate the impacts caused by those threats.  Attend project reviews and provide security guidance.  Provides security on-call supports.  Develop and provide presentations to communicate and coordinate security policies and procedures, and awareness program.  Respond to security requests and manage request queues in HEAT.

Individual must be able to interface with technical and non-technical individuals and other internal/external groups for assisting with security issues and new security opportunities arising as a result of technological advances in security and newly adapted security best practices.  This position requires a candidate with very strong organizational abilities due to the volume, diversity, and depth of challenges for which it is responsible. Excellent communication and writing skills are a must.

PATIENT AGE GROUP SERVED

Not Applicable

 

DUTIES AND RESPONSIBILITIES

  1. Maintain necessary documentation to support security strategy by outlining the requirements and benefits of specific security tools and/or solutions.  Maintain and update security documentation including diagrams, security standards, and disaster recovery manuals.
  2. Provide expertise, guidance, recommendations and documented security configurations for implementation of security tools and processes.
  3. Interface with groups and individuals to resolve security issues related to implementation of network, systems and applications security.
  4. Application of specific security skills to design, develop, deploy, monitor, maintain, and control the suite of tools used by the Information Security team to protect Methodist’s assets.
  5. Efficiently manage multiple simultaneous tasks across new projects and existing systems, including management of on-call duties.  Provide up-to-date reports on project and task progress, and centrally track, in near real-time, incoming and existing problems.
  6. Use penetration and vulnerability analysis of various products and applications, and provide professionally written reports including deep technical analysis and high-level non-technical overview.
  7. Assist in investigating, documentation and resolution of identified security weaknesses, and recommend documented solutions for improvement.
  8. Demonstrates and supports the Methodist vision, mission and value statements.
  9. Demonstrates and supports the Methodist customer service standards.
  10. Adheres to system, division and department policies, procedures, guidelines and standards.
  11. Perform other duties and special projects as assigned.

EDUCATION REQUIREMENTS

Requirements include a Bachelor’s degree in Computer Science or equivalent combination of education and experience, with a minimum of 6 years of technical IT experience or a minimum of 3 years of information security experience.

 

EXPERIENCE REQUIREMENTS

Support and maintain security framework for existing and future systems by working with management and Senior Security Analyst to develop policies and procedures that govern all aspects of systems security and provides for the protection of systems and their data:

Administer security measures to restrict unauthorized use of data systems and databases.

Monitor HIPAA, Red Flags, PCI, and other legislative compliance.

Confer with management, programmers, and other requisite personnel to identify and plan for the security for applications and data.

Involve in define security frameworks for existing/new systems.

Implement necessary new security procedures.

 

Contributes to the creation of security-related policies and procedures by providing research and documentation of known system vulnerabilities and risks

Evaluates existing security policies and procedures and suggests improvements.

Evaluates processes to manage network, system and applications security and suggests improvements.

 

Knowledge in the following network security:

Next generation firewalls or security gateways, such as Blue Coat, Palo Alto Networks, Microsoft Frontbridge, or Websense

Wired and wireless network security devices such as AirDefense or Cisco WLSM

SSL VPNs such as Cisco, Juniper, or F5

IPS technology such as Tipping Point, Sourcefire, or McAfee

DLP technologies such as Symantec, RSA, Websense, or McAfee

Network security assessment such as with McAfee Vulnerability Manager (Foundstone), Rapid7, Qualys, NetStumbler, Kismet, & Wireshark

Network Access Control such as with Cisco, McAfee or Bradford

Knowledge in the following OS infrastructure security:

Securing Windows Server 2003 and 2008 operating systems

Enterprise Active Directory and PKI such as Microsoft CA or Entrust

Knowledge in the following endpoint protection:

Forensics systems and techniques using tools such as Encase, FTK, and *nix command line.

Enterprise endpoint security policy management, such as with McAfee, Symantec, Sophos, Kaspersky, or TrendMicro

Host-based IPS deployment, control, and policy development and maintenance utilizing tools from any of the enterprise HIPS firms

Knowledge in the following advanced enterprise security systems:

SIEM such as ArcSight, RSA enVision, LogLogic, IBM Tivoli CIM/SOM, or Symantec SIM along with extensive syslog experience and related log file parsing skills

Mobile/portable Data Security, such as McAfee (Safeboot) or Sophos (Utimaco)

Enterprise Managed File Transfer such as Axway (Tumbleweed) SecureTransport, GlobalSCAPE, or Sterling Commerce

Enterprise secure email delivery such as Cisco IronPort or Axway (Tumbleweed) Secure Messenger

Advanced software development skills are a must due to the amount of automation required in Methodist’s Information Security team.

Candidate must have expertise and experience in the programming/scripting languages in this list:

VB (script or .NET)

C (ANSI, #, or ++)

*nix shell (bourne-compatible)

Javascript

Python

Ruby

PERL

 

CERTIFICATES, LICENSES AND REGISTRATIONS REQUIRED

Desirable certifications: CISSP, SANS GIAC, CISA, CCSP, CCIE, UNIX & Microsoft certifications a plus.

SPECIAL KNOWLEDGE, SKILLS AND ABILITIES REQUIRED

  • Extensive Microsoft, Linux and UNIX operating system knowledge.
  • Knowledge of routing protocols (OSPF, BGP, IGRP/EIGRP) and MPLS.
  • Fundamental knowledge of IP based applications (WWW, SMTP, DNS, SNMP, etc.)

     

  • Fundamental knowledge of protocol filtering, network security and packet level analysis tools to resolve network security problems.

     

  • Fundamental knowledge of LAN/WAN design theory to include IP sub-netting, routing, application packet flow and security connections.
  • Strong knowledge of security best practices and information technology security research skills. 
  • In-depth knowledge of remote security exploits and vulnerabilities.
  • Ability to research, evaluate, recommend and document security products with the ability to design specific security solutions at the lowest cost.
  • Ability to understand the balance between security strengths and practical application.
  • Ability to collaborate with the appropriate group to isolate and solve problems and ensure proper coordination in all areas of project implementation.
  • Ability to interface with technical individuals and other internal/external groups for assisting with existing security issues and new security opportunities arising as a result of technological advances in security and newly adapted security best practices. 
  • Ability to fully manage a security project independently, as well as develop solution proposals.
  • Outstanding team player, sociable, and able to operate easily in cross-functional and cross-departmental roles.

HMIT


Equal Employment Opportunity

Houston Methodist is an Equal Opportunity Employer.

Equal employment opportunity is a sound and just concept to which Houston Methodist is firmly bound. Houston Methodist will not engage in discrimination against or harassment of any person employed or seeking employment with Houston Methodist on the basis of  race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, status as a protected veteran or other characteristics protected by law.

VEVRAA Federal Contractor – priority referral Protected Veterans requested.



Company Profile

Houston Methodist (HM) is one of the nation’s leading health systems and academic medical centers.  HM consists of 7 hospitals: Houston Methodist Hospital, its flagship academic hospital in the heart of the Texas Medical Center and six community hospitals throughout the greater Houston metropolitan area.  HM also includes a research institute, a global business division, numerous physician practices and several free standing emergency rooms and outpatient facilities.  Overall, HM employs over 20,000 employees.   FORBES magazine has placed Houston Methodist on its annual list of Best Employers in 2016.  Houston Methodist is supported by a wide variety of business functions that operate at the system level to help enable clinical departments to provide the best patient care and service in a spiritual environment.

Categories

Jobs Rated Reports for Information Security Analyst

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

IT Security Analyst II

Houston Methodist (HM)
Houston, Texas

Join us to start saving your Favorite Jobs!

Sign In Create Account
Information Security Analyst
8th2018 - Information Security Analyst
Overall Rating: 8/220
Median Salary: $92,600

Work Environment
Good
52/220
Stress
Very Low
25/220
Growth
Very Good
17/220