Embed Size (px)
Citation preview
Fidelis Care New York
Security Analyst III
Department: Information
Technology
Reports to: Manager,
Security Band:
Division: Information
Technology
Job Code: XXX Salary/wage Grade: Status: Exempt
Labor Type: Full Time
Position Summary:
The Information Security Analyst III is responsible for developing a comprehensive
approach to performing security assessments and reviews. Leads the effort to identify and
analyze security threats and trends. Advisor to all areas of organization on information
security matters including protecting systems and applications against threats and trends.
Owns the Role Based Access Management process, including interfacing with all areas of
the organization to understand specific needs of each functional area. Responds to
incidents, participates in security investigations, monitors and investigates alerts, assists
in the development and implementation of security program in order to create, deploy,
monitor, and promote organizational policies in accordance with regulatory standards,
best practices, and internal policies and procedures.
Technical/Functional Expectations:
1. Control
Framework:
Thorough understanding of all applicable regulations to ensure that
company policy, standards, and controls are working efficiently to
allow Fidelis Care to maintain compliance. Stays abreast of new
developments on applicable regulations.
2. Risk
Management:
As part of a team, defines risk management framework. Develops
techniques to support assessment and remediation activities. Leads
the security vulnerability process.
3. Incident
Response:
Leads the security incident response team. Develops new controls,
guidelines, standards and/or end user education material related to
prevent reoccurrence of previously identified incidents.
4. Operational
Efficiency:
Identifies opportunities that can improve the efficiency of information
security processes across environment.
5. Other duties as
required:
Perform other incidental and related duties as required or assigned.
Behavioral Competencies:
1. Attention to
Detail:
Able to be thorough and complete when working with assembling,
processing, or providing detailed information; track details even
when under pressure.
2. Integrity: Able to demonstrate consistency of words and actions; protect
confidential information; do what is right even when no one is
watching; demonstrate sound business ethics; consistently comply
with organizational values.
3. Versatility: Able to take on new or multiple roles and responsibilities and do
them well; be flexible when considering options or opinions; be open
to new ideas and change.
4. Deal with
Ambiguity:
Able to maintain composure and handle frequent job changes or
unexpected disruptions; work with conflicting, delayed, or unclear
information; remain effective when faced with change and
uncertainty.
5. Customer
Service:
Able to anticipate and respond to customer's needs, concerns, or
questions in order to meet or exceed their expectations; help evaluate
needs and options; show care and concern to demonstrate customer
importance and value.
6. Develop
Relationships:
Able to relate with others while building credibility and rapport; give
personal support and reassurance; put others at ease; build
cooperative relationships.
7. Diligence: Able to persevere in accomplishing tasks or objectives; commit to
long hours of work; do everything possible to reach goals; have a
sense of urgency about getting results.
Business Experience:
1. Industry Experience: 7+ years progressive experience in information security,
preferably in a health care environment. Knowledge of
Network Security.
2. Ability to effectively
prioritize and execute
tasks.:
3. Excellent communication
skills:
4. Excellent analytical and
problem solving skills.:
5. Regulatory: Strong knowledge of government and/or industry
requlatory requirements (HIPAA Security; NYS Rule
173, etc.)
Educational and Experience Requirements:
1. BA/BS - Bachelors Degree or equivalent required.
2.
Physical Requirements:
