Information Security Analyst

JOB DESCRIPTION : Start date :

Length of assignment :

Location Address : EyeMed HQ – Mason

Remote or Onsite : HYBRID

o If onsite, please indicate if hybrid or workplace only

Specific Skills Needed : Please see job description

Top - mandatory and / or minimum requirements

Top - desirable attributes / qualifications?

Required levels / Years of Experience education – discuss whether there is flexibility Bachelor's degree computer science, IT or equivalent years of experience in IT or IS

JOB TITLE : IS Security Analyst

GENERAL FUNCTION

The Security Analyst will support working within the information security to aide in the support of governance, risk, and compliance initiatives and perform risk responses, acceptance or mitigation, for Management and external Client inquiries that properly illustrates how the organization is enforcing established security controls to properly illustrate data protection and risk management. The analyst will also ensure compliance with the policies and procedures necessary to ensure the security of information system assets and to protect them from intentional or inadvertent access, disclosure, or destruction in accordance with company policies and external requirements such as HIPAA, HITRUST, SSAE- and PCI. The analyst will coordinate security awareness efforts for the organization.

MAJOR DUTIES AND RESPONSIBILITIES

• Analyze vulnerability assessment data to identify technical risks to the organization
• Support the identification and impact classification for new vulnerabilities identified in the environment
• Execute and support vulnerability assessments, penetration testing and social engineering activities
• Provide the Information Security and IT Security team information on the emerging cyber threat landscape, including threat actor tactics, techniques, and procedures
• Support IS in achieving the vision and strategic objectives of the function
• Support leadership to identify capability gaps in vulnerability management services
• Conduct analysis and aggregation of vulnerability data from various sources
• Manage and utilize IS tools such as DLP, Code scanner, external security profile, etc. to analyze gaps in security controls
• Participate in the IT SDLC program to ensure that security is included in project by default and by design
• Develop strong working relationships with other departments and potentially clients across the organization to ensure a high degree of security compliance client satisfaction
• Brief IS leadership on vulnerability assessment results and potential risks
• Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function

BASIC QUALIFICATIONS

PREFERRED QUALIFICATIONS