Sr IT Security Analyst

Could you be our next Sr. IT Security Analyst at our convenient Berwyn location?

Why work as a Sr. IT Security Analyst with Main Line Health?

·       Make an Impact! The Sr. Information Security Analyst must be able to work independently and with other teams to establish and maintain secure, stable technology environments. This position is responsible for leading many facets of cyber security including incident forensics, investigation, and response (DFIR), monitoring and maintenance of security systems and appliances, detecting and responding to threats and compromises, configuring and validating security appliances such as firewalls, e-mail filters, proxies, and anti-malware tools. Additional responsibilities include:

o   Leading internal penetration testing, validating results, and evaluating existing & newly disclosed vulnerabilities.

o   Lead coordination efforts for performing vulnerability remediation.

o   This position may be required to maintain a standby status as part of a rotation within the team.

o   This requires 24 hours per day, 7 days per week availability during the standby period. (Frequency varies based upon the number of colleagues in the rotation.)

·       Develop and Grow your Career! Invest in furthering your education through seeking certifications or advanced degrees by taking advantage of our Tuition Reimbursement! This position is eligible for up to $6,000 per year based upon your Full or Part Time status.

·       Join the Team! Like our patients, the Main Line Health Family encompasses a wide range of backgrounds and abilities. Just as each of our patients requires a personalized care plan, each of our employees, physicians, and volunteers, bring distinctive talents to Main Line Health. Regardless of our unique design, we all share a purpose: providing superior service and care.

·       Position-Specific Benefits include: You are eligible for up to 240 hours of paid time off per year. We also offer several employee discounts to various activities, services, and vendors... And employee parking is always free!

Position: Sr. IT Security Analyst


Essential Accountabilities:

·       In-depth demonstrable knowledge of Active Directory, Group Policy and RBAC.            

·       In-depth demonstrable knowledge of networking protocols, concepts (VLANs, ACLs, NAC, etc.) network architecture, firewalls, proxies, SIEM, antivirus, and IDPS concepts.       

·       Knowledge of cloud technologies (ex. AWS, Azure, etc.).

·       Knowledge of security standards and guidelines from NIST,CIS & HITRUST.

·       Foundational ITIL knowledge.

·       Provide system hardening guidelines and gap assessments.

·       Configure, implement, document and manage security tools including Network Security, End-Point Security, SIEM, DLP, IRM, Email, security awareness and training, patch management and IAM solutions.

·       Assist in cybersecurity incident response.

·       Performing internal penetration testing and validation of security controls.

·       Developing new security mitigation, monitoring, and strategies.

·       Ability to identify, explain and mitigate vulnerabilities to senior leaders.

·       Conduct security reviews of technology infrastructure and business application initiatives.

·       Research and provide recommendations for new tools and technologies & evaluate options.            

·       Identify areas for continuous improvement of security related processes.

·       Create and update documentation.       

·       Remain current with information security trends and developments.

Experience: 

·       5 or more years proven, verifiable experience as Cybersecurity Analyst or engineer.

Education:

BS in computer science or related fields desired or higher.

Licensures/Certifications:
Preferred Information Security Certifications include:
Certified Ethical Hacker (CEH),Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), GIAC Security Essentials (GSEC), GIAC Certified Penetration Tester (GPEN), Security+, Systems Security Certified Practitioner (SSCP), EC-Council Certified Security Analyst (ECSA)