IT Security Analyst (SIEM, IDS/IPS, Firewalls, Endpoint Security) - Hybrid

Title: IT Security Analyst (SIEM, IDS/IPS, Firewalls, Endpoint Security) - Hybrid

Mandatory skills:

information security, security controls, data protection, risk management, security controls, security compliance,
IT Security, IT SDLC, IT hardware, software products, Security SDLC,
SIEM, IDS/IPS, Firewalls, Endpoint Security,
vulnerability assessments, penetration testing, social engineering, vulnerability management services, vulnerability data,
compliance framework, financial services, information security,
governance, risk, compliance, risk responses, acceptance, mitigation,
project management, enterprise security, intrusion detection systems,
HIPAA, HITRUST, SSAE-18, PCI, IS tools, DLP, Code scanner, external security, CMS,
information system assets, technical risk, cyber threat, threat actor tactics, techniques, procedures,
Security Analysis,
SOC 1-2, ISO 27001/2, PCI DSS, HITRUST, SANS, NIST
Certified Information Systems Security Profession, CISSP, PCI DSS, Certified HIPAA Privacy Security Expert, CHPSE, Certified Information Security manager, CISM, Global Information Assurance Certification, GIAC

Description:

Security Analyst

GENERAL FUNCTION:

The Security Analyst will support working within the information security to aide in the support of governance, risk, and compliance initiatives and perform risk responses, acceptance or mitigation, for Management and external Client inquiries that properly illustrates how the organization is enforcing established security controls to properly illustrate data protection and risk management. The analyst will also ensure compliance with the policies and procedures necessary to ensure the security of information system assets and to protect them from intentional or inadvertent access, disclosure, or destruction in accordance with company policies and external requirements such as HIPAA, HITRUST, SSAE-18 and PCI. The analyst will coordinate security awareness efforts for the organization.

MAJOR DUTIES AND RESPONSIBILITIES:

Analyze vulnerability assessment data to identify technical risks to the organization
Support the identification and impact classification for new vulnerabilities identified in the environment
Execute and support vulnerability assessments, penetration testing and social engineering activities
Provide the Information Security and IT Security team information on the emerging cyber threat landscape, including threat actor tactics, techniques, and procedures
Support IS in achieving the vision and strategic objectives of the function
Support leadership to identify capability gaps in vulnerability management services
Conduct analysis and aggregation of vulnerability data from various sources
Manage and utilize IS tools such as DLP, Code scanner, external security profile, etc. to analyze gaps in security controls
Participate in the IT SDLC program to ensure that security is included in project by default and by design
Develop strong working relationships with other departments and potentially clients across the organization to ensure a high degree of security compliance client satisfaction
Brief IS leadership on vulnerability assessment results and potential risks
Continue self-development of knowledge, skills and abilities to better support execution of the Information Security (IS) function

BASIC QUALIFICATIONS:

Bachelor s degree computer science, IT or equivalent
5 years of experience in IT or IS
Experience with major standards such as: SOC 1-2, ISO 27001/2, PCI DSS, HITRUST, SANS, NIST
Demonstrated experience in implementing compliance frameworks for financial services organization or organizations with similar information security needs and requirements
Familiarity and understanding of broad range of IT hardware and software products
Strong project management skills
Excellent presentation, verbal communication, and written skills
Excellent analytical and problem-solving skills
Experience managing typical enterprise security and intrusion detection systems
Ability to work in a collaborative environment across business and technology teams

PREFERRED QUALIFICATIONS:

Certified Information Systems Security Profession (CISSP), PCI DSS, Certified HIPAA Privacy Security Expert (CHPSE), Certified Information Security manager (CISM), Global Information Assurance Certification (GIAC), or related.
Experience or knowledge with healthcare or health insurance
Knowledge of CMS and HIPAA related vendor requirements
Working knowledge of Security SDLC tools

Notes:

Temp to Hire

Hybrid - 2 days a week (Tue & Thurs)

Work hours: 40 hours a week - Full Time

VIVA USA is an equal opportunity employer and is committed to maintaining a professional working environment that is free from discrimination and unlawful harassment. The Management, contractors, and staff of VIVA USA shall respect others without regard to race, sex, religion, age, color, creed, national or ethnic origin, physical, mental or sensory disability, marital status, sexual orientation, or status as a Vietnam-era, recently separated veteran, Active war time or campaign badge veteran, Armed forces service medal veteran, or disabled veteran. Please contact us at for any complaints, comments and suggestions.

Contact Details :

VIVA USA INC.
3601 Algonquin Road, Suite 425
Rolling Meadows, IL 60008