Fidelis Care New YorkSecurity Analyst II

Department: Information TechnologyReports to: Manager, Security

Band: Division: Information Technology

Job Code: XXX Salary/wage Grade: Status: ExemptLabor Type: Full Time

Position Summary:

The Information Security Analyst II is responsible for developing and applying Information Security measures that minimize data loss potential. Reports and resolves information security threats. Advisor to all areas of organization on information security matters including protecting systems and applications against threats and trends. Defines and supports role based access methodologies. Responds to incidents, participates in security investigations, monitors and investigates alerts, assists in the development and implementation of security program in order to create, deploy, monitor, and promote organizational policies in accordance with regulatory standards, best practices, and internal policies and procedures.

Technical/Functional Expectations:

1. Control Framework:

Interprets applicable government regulations to ensure company policies support compliance efforts. Assesses existing controls to identify control gaps and weaknesses.

2. Risk Management:

Leads Risk Management efforts. Follows through on assessment and remediation efforts. Considers all aspects of risk to the organization.

3. Incident Response:

As part of a team, develops and revises approach to incident management. Participates in efforts related to Information Security incidents, including identification, analysis, remediation, and preventative measures.

4. Operational Efficiency:

Identifies opportunities that can improve the efficiency of information security processes across environment.

5. Other duties as required:

Perform other incidental and related duties as required or assigned.

Behavioral Competencies:

1. Attention to Detail:

Able to be thorough and complete when working with assembling, processing, or providing detailed information; track details even when under pressure.

2. Integrity: Able to demonstrate consistency of words and actions; protect confidential information; do what is right even when no one is watching; demonstrate sound business ethics; consistently comply with organizational values.

3. Versatility: Able to take on new or multiple roles and responsibilities and do them well; be flexible when considering options or opinions; be open to new ideas and change.

4. Deal with Ambiguity:

Able to maintain composure and handle frequent job changes or unexpected disruptions; work with conflicting, delayed, or unclear information; remain effective when faced with change and uncertainty.

5. Customer Service:

Able to anticipate and respond to customer's needs, concerns, or questions in order to meet or exceed their expectations; help evaluate needs and options; show care and concern to demonstrate customer importance and value.

6. Develop Relationships:

Able to relate with others while building credibility and rapport; give personal support and reassurance; put others at ease; build cooperative relationships.

7. Diligence: Able to persevere in accomplishing tasks or objectives; commit to long hours of work; do everything possible to reach goals; have a sense of urgency about getting results.

Business Experience:

1. Industry Experience: 3 - 6 years progressive experience in information security, preferably in a health care environment. Knowledge of Network Security. Familiar with at least one formal Risk Management framework.

2. Ability to effectively prioritize and execute tasks.:

3. Excellent communication skills:

4. Excellent analytical and problem solving skills.:

5. Regulatory: Strong understanding of government and/or industry requlatory requirements (HIPAA Security; NYS Rule 173, etc.)

Educational and Experience Requirements:

1. BA/BS - Bachelors Degree or equivalent required.

Physical Requirements: