Could lead to a permanent hire.

The Information Security Analyst II plays a pivotal role in safeguarding digital assets and ensuring compliance with security policies and regulations. Working under the guidance of senior Information Security professionals, this role involves monitoring security events, conducting vulnerability assessments, and implementing security controls to mitigate risks. The Information Security Analyst II assists in incident response activities, participates in Information Security projects, and helps maintain compliance with the organization’s Information Security policies and procedures.

Essential Duties and Responsibilities

•  Implements, maintains, and operates security hardware and software, including antivirus, endpoint protection, and XDR solutions.
• Implements, maintains, and operates Identity Access Management (IAM) components, including single sign-on and multi-factor authentication.
• Assists in developing Information Security policies and procedures.
• Evaluates and recommends Information security tools and solutions.

• Implements and monitors security controls and procedures.
• Develops monitoring and visibility capabilities, reports on incidents, vulnerabilities, and trends.
• Performs periodic security scans of organization's infrastructure to identify vulnerabilities.
• Works with third-party security firms to perform annual assessment and remediation of vulnerabilities to the organization's Information Technology infrastructure.
• Understands and implements the organization's Incident Response Plan.
• Monitors network traffic flow to/from and within the organization using network analysis tools and firewall logs.
• Writes comprehensive reports including incident response debriefs, software evaluation plans, and product evaluation reports.
• Works and communicates effectively with the various professionals throughout the organization.
• Conducts educational exercises for other team members and departments on a periodic basis.
• Responds to Information Security incidents and alerts.
• Develops and modifies basic scripts to assist in log ingestion, automation of routine tasks, and deployment of Information Security tools.
• Serves as a point of escalation to Helpdesk and IT Operations on Information Security issues.
• Follows the organization's change management process and ensures stakeholders are involved in changes.
• Provides timely notification to Information Security Management of internal and business partner incidents.

Education and Experience

Bachelor’s degree in Information Security, Computer Science or related field from an accredited school AND three (3) years of Information Security experience in a medium to large organization

-OR-

Five (5) years of progressive experience in a senior level Information Security capacity for a medium to large organization with a structured IT department, preferably in healthcare.

CySA or CISSP certification is preferred.

Position is suited for a mid-level Information Security professional.

Other:

Possession of valid California Driver’s License and proof of valid State required auto liability insurance.

Required Travel Up to 10%.