IT Security Analyst (hybrid work model) - The Joint Commission
Oakbrook Terrace, IL
About the Job
Overview
The I.T. Security Analyst will be responsible for: managing Security, Identity and Access Management solutions; identifying security risks, assisting with the development of general security standards; and ensuring compliance with requirements of external security audits & recommendations.
Responsibilities
+ Monitors security system logs (i.e., Intrusion Detection System (IDS), Web Application Firewall (WAF), Office365, Firewall system logs, etc.) and responds to discovered anomalies or problems.
+ Analyzes, troubleshoots, and corrects security-related problems.
+ Is a subject matter expert for the identification and selection process of security tool needs; assists in the design, integration, and installation of the selected hardware / software solution.
+ Keeps fully abreast of trends and changing technologies related to information security fields.
+ Investigates IT security violations, known vulnerabilities, and data breaches.
+ Performs vulnerability assessments; conducts compliance activities in response to internal & external audits.
+ Performs security research & vendor evaluations at the direction of the Director; participates in the testing and implementation of security solutions.
+ Enforces security policies and standards.
+ Acts as interface with and liaison to business, Service Desk and IT application owners; ensures applications, infrastructure components, and access are appropriately assessed.
+ Executes security incident response procedures in accordance with threat levels.
+ Communicates effectively (both written and verbal).
+ Manages multiple priorities and follows a project plan to meet project deliverables.
+ Provides security guidance to other support teams.
+ Develops security knowledge articles on relevant topics
+ Updates IT Security Policies and Procedures as needed
+ Employees may perform other duties as assigned.
SUPERVISORY RESPONSIBILITIES
+ May be required to supervise 3rd party service providers and consultants.
Qualifications
+ Bachelor's Degree strongly preferred. Master's level degree a plus.
+ 5+ years' experience in information technology.
+ Project management experience required.
+ Recent direct experience working within an information security function.
+ Direct experience managing one or more of the following: Identity and Access Management; Single Sign-on, SSL & PKI, LDAP, Active Directory, and PowerShell. Experience with firewalls a plus.
+ Experience working in an organization that provided exposure across multiple IT functional areas (i.e., infrastructure, networking, security, data management, and application development).
+ Experience with HIPAA, GDPR, NIST and PCI compliance requirements required. HIPAA, NIST, GDPR and PCI certifications a plus.
KEY SUCCESS INDICATORS/ ATTRIBUTES
+ Demonstrate strong analytical, critical thinking and problem-solving skills.
+ Demonstrate strong presentation, verbal and written communication skills.
+ Ability to work across organization boundaries and create solid alignments.
+ Ability to maintain professionalism when interacting with internal and external customers.
+ Proficient at handling difficult situations and human relations issues with professionalism and respect.
+ Ability to self-motivate, set goals and meet deadlines.
+ Demonstrate strong organizational skills and be detail oriented as required.
+ Ability to prioritize and multi-task in a fast paced, changing environment.
+ Ability to stay current on newest technology and industry trends.
+ Proficient personal computer skills.
+ Commitment and adherence to TJC’s Core Values.
CERTIFICATES AND/OR LICENSES:
+ Certified Information Security Systems Professional (CISSP) or Security+ certification preferred.
+ Project Management experience required. PMP or Project+ certification a plus.
+ IT Infrastructure Library (ITIL) and/or Microsoft Operations Framework (MOF) Essentials Certifications preferred.
TRAVEL REQUIREMENTS
+ Ability to travel as needed, up to 10%.
_Note: Employees are required to be fully vaccinated against COVID -19 as a condition for employment._
This job description is intended to describe the general nature and level of work performed by an employee assigned to this position. The description is not an exhaustive list of all duties, responsibilities, knowledge, skills, and abilities, and working conditions associated with this position. All requirements are subject to possible modification and reasonably accommodate individuals with disabilities.
Job Locations _US-IL-Oakbrook Terrace_
Job ID _2024-6615_
# of Openings _1_
Category _Information Technology_
+ Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
+ Please view Equal Employment Opportunity Posters provided by OFCCP here.
+ The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
+ This Organization Participates in E-Verify. Click here for more information.
The I.T. Security Analyst will be responsible for: managing Security, Identity and Access Management solutions; identifying security risks, assisting with the development of general security standards; and ensuring compliance with requirements of external security audits & recommendations.
Responsibilities
+ Monitors security system logs (i.e., Intrusion Detection System (IDS), Web Application Firewall (WAF), Office365, Firewall system logs, etc.) and responds to discovered anomalies or problems.
+ Analyzes, troubleshoots, and corrects security-related problems.
+ Is a subject matter expert for the identification and selection process of security tool needs; assists in the design, integration, and installation of the selected hardware / software solution.
+ Keeps fully abreast of trends and changing technologies related to information security fields.
+ Investigates IT security violations, known vulnerabilities, and data breaches.
+ Performs vulnerability assessments; conducts compliance activities in response to internal & external audits.
+ Performs security research & vendor evaluations at the direction of the Director; participates in the testing and implementation of security solutions.
+ Enforces security policies and standards.
+ Acts as interface with and liaison to business, Service Desk and IT application owners; ensures applications, infrastructure components, and access are appropriately assessed.
+ Executes security incident response procedures in accordance with threat levels.
+ Communicates effectively (both written and verbal).
+ Manages multiple priorities and follows a project plan to meet project deliverables.
+ Provides security guidance to other support teams.
+ Develops security knowledge articles on relevant topics
+ Updates IT Security Policies and Procedures as needed
+ Employees may perform other duties as assigned.
SUPERVISORY RESPONSIBILITIES
+ May be required to supervise 3rd party service providers and consultants.
Qualifications
+ Bachelor's Degree strongly preferred. Master's level degree a plus.
+ 5+ years' experience in information technology.
+ Project management experience required.
+ Recent direct experience working within an information security function.
+ Direct experience managing one or more of the following: Identity and Access Management; Single Sign-on, SSL & PKI, LDAP, Active Directory, and PowerShell. Experience with firewalls a plus.
+ Experience working in an organization that provided exposure across multiple IT functional areas (i.e., infrastructure, networking, security, data management, and application development).
+ Experience with HIPAA, GDPR, NIST and PCI compliance requirements required. HIPAA, NIST, GDPR and PCI certifications a plus.
KEY SUCCESS INDICATORS/ ATTRIBUTES
+ Demonstrate strong analytical, critical thinking and problem-solving skills.
+ Demonstrate strong presentation, verbal and written communication skills.
+ Ability to work across organization boundaries and create solid alignments.
+ Ability to maintain professionalism when interacting with internal and external customers.
+ Proficient at handling difficult situations and human relations issues with professionalism and respect.
+ Ability to self-motivate, set goals and meet deadlines.
+ Demonstrate strong organizational skills and be detail oriented as required.
+ Ability to prioritize and multi-task in a fast paced, changing environment.
+ Ability to stay current on newest technology and industry trends.
+ Proficient personal computer skills.
+ Commitment and adherence to TJC’s Core Values.
CERTIFICATES AND/OR LICENSES:
+ Certified Information Security Systems Professional (CISSP) or Security+ certification preferred.
+ Project Management experience required. PMP or Project+ certification a plus.
+ IT Infrastructure Library (ITIL) and/or Microsoft Operations Framework (MOF) Essentials Certifications preferred.
TRAVEL REQUIREMENTS
+ Ability to travel as needed, up to 10%.
_Note: Employees are required to be fully vaccinated against COVID -19 as a condition for employment._
This job description is intended to describe the general nature and level of work performed by an employee assigned to this position. The description is not an exhaustive list of all duties, responsibilities, knowledge, skills, and abilities, and working conditions associated with this position. All requirements are subject to possible modification and reasonably accommodate individuals with disabilities.
Job Locations _US-IL-Oakbrook Terrace_
Job ID _2024-6615_
# of Openings _1_
Category _Information Technology_
+ Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities.
+ Please view Equal Employment Opportunity Posters provided by OFCCP here.
+ The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information.
+ This Organization Participates in E-Verify. Click here for more information.
Source : The Joint Commission