The Information Security Analyst will manage the daily system security administration including proactive measures, reactive responses, monitoring of dashboards and user escalations, prevention technologies, technical policies, analysis of measurements, and timely quarantine collaboration. This position demands strong information security expertise, persistent focus, decisive action, and the ability to communicate effectively across broad and varied audiences. The role will require availability for exception support outside of normal business hours to include emergency callout over weekends or holiday periods as necessary to address risks or remediate impact as a key member of the Security Incident Response Team.
This position is eligible for a hybrid work schedule.
Pay: $65,000-78,000 annually, DOE
Benefits:
- Several Healthcare plans to choose from, dental (includes adult and child orthodontia) and vision
- 15 days of earned PTO your first year, 12 company holidays + 2 floating holidays.
- 403b + match
- Early close Fridays (3 paid hours each Friday)
- Early close prior to a holiday (3 paid hours)
- Paid Time off between Christmas and New Year's Holiday
- Paid Volunteer Time
- Paid Parental Leave and Care Giver Leave
- Paid Life Insurance
- Free Employee Assistance Plan
- Free Basic Dental
- Pet Insurance options
Essential Duties and Responsibilities
- Quickly learn and understand the security measures at all stages of the informatics systems life cycle and implement a data lifecycle management framework. Work with IT colleagues to plan, design, implement, and manage operations of data lifecycle.
- Independently work with auditors, solution providers, regulatory entities, and cross-functional teams.
- Build expertise in security framework and adopted standards for the organization such as NIST 800-53.
- Independently use analytics and tools to perform audits to identify soft spots in the organization’s defenses and ensure execution of the organization’s stated risk prevention practices and policies.
- Recommend security enhancements to senior IT management. Help plan and take ownership to carry out the organization’s way of handling security. Help users when they need to install or learn about new security products and procedures.
- Implement solutions by planning, training, and installing/configuring information security systems while ensuring compliance under Mercy Configuration Management process.
- Autonomously interpret security controls accurately with regard to system security posture, policy updates and configuration for information systems with regard to security and event log analysis.
- Draft system security plans and other artifacts to satisfy certification and accreditation requirements under Risk Management Framework
- Communicate security and compliance issues in an effective and appropriate manner. Identify and document security exceptions and work with team members to update procedures where appropriate.
- Provide security engineering design and implementation expertise for infrastructure and application projects, making sure that security requirements are fulfilled and escalating issues where necessary.
- Collect and mature security metrics for risk programs.
Minimum Qualifications of Position
- Two (2) years of IT experience.
- (1) year in the Information Security Department.
Preferred Qualifications of Position
- Bachelor’s Degree.
- Certification in a combination of courses in computer programming, management information systems, business system design and analysis.
Knowledge and Skills
- Organized, problem solver, plan oriented, ability to work autonomously to deliver results.
- Proactive thinking to anticipate risks and prevent unauthorized actions.
- Assume responsibility as a subject matter expert across the organization and a mentor to others.
- Computer proficiency in Microsoft suite of products and report building.
Mercy Housing is a fair chance employer; while we conduct background checks for all positions, we will consider qualified applicants with arrest and conviction records.
Equal Opportunity Employer
This employer is required to notify all applicants of their rights pursuant to federal employment laws. For further information, please review the Know Your Rights notice from the Department of Labor.
