Try Google search

Cybersecurity Analyst

3m ago
min 5 years
Denver, CO

We are looking for a Cybersecurity Analyst to join our client’s team.

Location: Must be located in CO. Remote; hybrid Approach

*Local and national travel is required.

Duration: 6 Months- CTH

Company: CCRM

DESCRIPTION:

We are looking to add a cybersecurity analyst team member to our IT Department. The cybersecurity analyst will play a key role in enhancing and improving the security posture across the organization. You will be responsible for identifying and mitigating areas of vulnerability and potential exposure from a cybersecurity standpoint. The successful candidate will have hands-on and practical experience in areas of cyber and data security, cybersecurity methodologies and frameworks, including experience in establishing both technical and organizational controls to protect the confidentiality, integrity, and availability of data. This role will report to the Chief Information Officer.

  • CCRM is an industry-leading pioneer in fertility science, research and advancement, offering access to national network of award-winning physicians, a full suite of fertility services, innovation technology and cutting edge labs. CCRM is currently comprised of eleven locations spanning the U.S. and Canada with growth planned for continued network development on a domestic and international basis. CCRM is proud to assist in building all kinds of families.

ESSENTIAL FUNCTIONS:

  • Provides seamless customer service support to end users in relation to cybersecurity within the organization including, but not limited to the following:

    • Builds a security minded culture that keeps communication and transparency at the forefront of securing the organization.
    • Perform information security reviews and scans of designated systems to assess the effectiveness of overall system security, identify vulnerabilities and make mitigation recommendations.
    • Support the implementation, operation and maintenance of vulnerability management projects.
    • Proactively collaborate and communicate within the IT team to address and mitigate vulnerabilities actively leveraged by malicious actors.
    • Recommend and support the implementation, operation, testing and on-going sustainment of HIPAA and PCI security and compliance.
    • Constantly working to evolve and improve technologies and processes to ensure confidentiality, integrity and availability of data.
    • Perform enterprise vulnerability scanning, secure configuration baseline verification, tool validation, data and identity protection activities.
    • Detect and, as required, perform, or oversee remediation of information security vulnerabilities to minimize risks to operating environments.
    • Establish an agile approach for vulnerability management capability improvements to address threats and weaknesses in security.
    • Collaborates with external vendors and service providers, auditors or partner organizations to further cybersecurity objectives, reviews, mitigations and overall security posture improvements.
  • Seeks opportunities for additional responsibilities and growth within organization. Shows initiative and enthusiasm in suggesting and implementing new concepts and/or ideas for improvement.

  • These areas include IT cybersecurity support and troubleshooting, project management, system design and implementation.

  • Other duties as assigned.

REQUIRED QUALIFICATIONS:

  • Bachelor's Degree in Computer Science, Healthcare Information Technology, or relevant field or equivalent knowledge and skills obtained through a combination of education, training and experience required.

  • Knowledgeable and deep understanding of vulnerability and risk management.

  • Strong verbal and written communication skills required, and problem-solving ability.

  • Experience with Tenable.sc/Nessus vulnerability scanning and reporting.

  • Ability to articulate raw vulnerability and audit data into executive reports.

  • Experience with patch management software.

  • Understanding of SEIM / Log Aggregation tools.

  • Familiar with attack and exploitation techniques involving operating systems, applications, and devices.

  • Experience in configuration management compliance baselines for Windows, Mac, Linux.

  • Experience with Incident Response Team (IR/IRT) troubleshooting, root cause analysis and remediation verification.

  • Ability to successfully accomplish tasks with minimal oversight and management.

  • Knowledgeable of Identity Management and authorization, least privilege, and reducing unauthorized elevated access.

  • Understanding of Firewalls to include basic networking, sub-netting, IDS, NAT, ACL's.

  • Working knowledge of Office 365, Electronic Medical Records (EMR) software, networked medical devices and other software and technologies supporting telehealth and clinical settings.

  • Minimum of five (5) years of experience in IT, information security, cyber risk management, compliance or a related field required; of which at least 3 years' experience in information security is required.

  • Healthcare experience preferred.

  • Proficiency in the use of computer equipment and software, including but not limited to, Windows environment (Word, Excel, Outlook – Intermediate to Advanced skills) required.

  • Strong interpersonal skills and ability to work both independently and as part of a team required

Certification:

  • One or more relevant information security-related certifications preferred. Examples include: CISSP, CISA, HCISPP, CCSP, CRISC, CISM, CGIH, GCFA, GNFA, GPEN, GSEC, QSA and CEH.

Job posted by- Rahul Pandey
Share