Join Martin's Point Health Care - an innovative, not-for-profit health care organization offering care and coverage to the people of Maine and beyond. As a joined force of "people caring for people," Martin's Point employees are on a mission to transform our health care system while creating a healthier community. Martin's Point employees enjoy an organizational culture of trust and respect, where our values - taking care of ourselves and others, continuous learning, helping each other, and having fun - are brought to life every day. Join us and find out for yourself why Martin's Point has been certified as a "Great Place to Work" since 2015.
Position Summary
The Associate Information Security Analyst will be a contributor to security policies, monitoring and analyzing traffic and logs, and assisting in protecting the organization's IT systems and software from malicious activity and technology breaches. With general guidance and coaching, participates in security risk assessments, performing and analyzing vulnerability scans, working with others in IT and the business to remediate and eliminate risks. The Associate Information Security Analyst is proficient in security and technical knowledge, standards development, documentation of the security program, policies and procedures, risk identification and remediation, reporting, and awareness education related to information security.
Job Description
Key Outcomes:
- Monitors SIEM, IDS/IPS, endpoint protections, and identity management solutions.
- Assists in the administration and engineering of the security infrastructure including the single sign-on, multi-factor authentication, business continuity, and GRC tools.
- Assists coordinating group-wide and company-wide information security matters such as incident response, intrusion detection management, and cyber security advisories.
- Identifies information and IT security risks including IT technical implementations or business processes.
- Under general direction, monitors and audits information systems, networks, and databases to identify and isolate occurrences of unauthorized activity; prepares and coordinates corrective actions.
- Assists with conducting security assessments and audits, penetration testing, IT forensic investigations and incident management.
- Assists with performing and/or coordinating regular security assessments of existing or new infrastructure or applications.
- Coordinates response to information security incidents and threats.
- Assesses and coordinates information and cyber vulnerabilities throughout the organization.
- Reviews and enforces information security policy, standards and guidelines for business operations and technology implementations.
Education/Experience:
- Bachelors degree in CIS, CS, Business Administration, or similar, or combination of equivalent education and experience
- 1+ years’ experience with information security technologies, security monitoring, incident response, open-source technologies, and various operating systems
- Healthcare experience and familiarity with HIPAA/HITECH, PCI-DSS, and NIST 800-53 is highly desirable
Required License(s) and/or Certification(s):
- Global Information Assurance Certification (GIAC), Security+, Offensive Security Certified Professional (OSCP), and/or Certified Ethical Hacker (C|EH) is a plus.
Skills/Knowledge/Competencies (Behaviors):
Customer Focus
- Act as an owner of the business and seek to understand needs.
- Able to communicate effectively and clearly to all levels of the IT organization and business when addressing a challenge or identified opportunity – take ownership.
Business Acumen
- Understands the business model of MPHC and can apply that context to projects
- Always looks for ways to improve processes and create value for business partners.
- Understands how organizational workflows affect data meaning and use.
Drive for Results
- Participates in enterprise architectural/analytical responsibilities and can plan/scope several inter-related activities to create efficiencies
- Assists business stakeholders in making informed decisions.
- Strong troubleshooting skills
- Meticulously reviews their work and openly receives 3rd party review.
Continuous Learning
- Knows limitations and is open to learning from others, especially when cross-team collaborations are needed.
- Seeks new knowledge and remains current in the industry.
Process Improvement
- Participates in continuous process improvement efforts within the team.
- Consistently identifies opportunities for improvement in processes and work products
- Ability to document and create standard work
Dealing with Ambiguity
- Able to communicate complex ideas and knows who to engage in problem solving.
- Understand when to bring other team members onboard.
- Proactively engages in learning to bring understanding to ambiguous situations.
Information Security Analyst
- Demonstrates an understanding of and alignment with Martin’s Point Values
- Thorough understanding of SIEMs, incident response, disaster recovery, contingency planning, encryption technologies, intrusion detection/prevention systems, and/or vulnerability management
- Knowledge of Microsoft and Linux operating systems
- Project management and documentation skills
- Interpersonal and communication skills and the ability to work effectively with a wide range of constituencies in a diverse community
- Maintains industry awareness regarding all information and cyber security trends and directions
- Ability to organize and prioritize multiple tasks independently
- Thorough understanding of traditional and mobile operating systems and applications
- Ability to test and analyze complex system, network, and database security settings
- Understands security protocols and monitoring tools
- Has knowledge of how best practices integrate with company objectives
There are additional competencies linked to individual contributor, provider, and leadership roles. Please consult with your leader to discuss additional competencies that are relevant to your position.
This position is not eligible for immigration sponsorship.
We are an equal opportunity/affirmative action employer.
Martin's Point complies with federal and state disability laws and makes reasonable accommodations for applicants and employees with disabilities. If a reasonable accommodation is needed to participate in the job application or interview process, to perform essential job functions, and/or to receive other benefits and privileges of employment, please contact jobinquiries@martinspoint.org
Do you have a question about careers at Martin’s Point Health Care? Contact us at: jobinquiries@martinspoint.org