Previous Job
Security Analyst III
Ref No.: 19-02190
Location: Newark, New Jersey
This position is an intermediate level security analyst within IT Security Governance and IT Security Operations.

IT Security Operations:
  • Review and recommend Firewall change requests
  • Monitor and escalate as appropriate intrusion detections
  • Review security related application incidents and notify application owners and IT Security Governance
  • Review and approve access requests (RFP's)
  • Provide Role Based Access Control (RBAC) to individual users and perform recertification based on segregation of duties and roles
  • Maps workflows in provisioning users into our systems and infrastructure
  • Comply with internal and external audit requests
  • Monitor the effectiveness of the Enterprise wide information security program
  • Provide data for audit indicating changes made to access control lists to facilitate audits and other investigations
  • Participate in investigating possible security violations
  • Track and maintain operational security access metrics

IT Security Governance:
  • Document and create workflow diagrams showing the production of, transmission and use of electronic Protected Health Information (ePHI) and other sensitive information
  • Provide guidance and direction regarding security control elements in policies throughout the organization
  • Understand relevant business processes and their implications on information security
  • Maintain information security risk identification, tracking and mitigation processes
  • Provide input to the information security awareness, training and education program
  • Assist in development of accurate and relevant information security process and operational metrics
  • Assist in defining monitoring measures to detect and ensure correction of security breaches and policy violations
  • Proactively keep current on information security issues related to business processes as input into departmental policies and procedures
  • Monitor the effectiveness of the Enterprise wide information security program

Core Individual Contributor Competencies:
  • Personal and professional attributes that are critical to successful performance for Individual Contributors: Customer Focus, Accountable, Learn, Communicate

  • Requires Bachelor's degree, preferably in Computer Science, from an accredited college or university
  • 3 years prior IT security related work experience

Additional licensing, certifications, registrations:
  • Prefers CISSP certification
  • Prefers SANS GIAC certification

  • Requires a solid understanding of IT security concepts with an emphasis on Security and Risk Assessment
  • Requires solid knowledge of IT and computer systems
  • Requires a solid understanding of internal and external audit process
  • Requires broad understanding of Public Key Infrastructure (PKI), encryption, network security controls tools and functionalities
  • Requires familiarity with HIPAA security rules and National Institute of Standards and Technology (NIST) standards
  • Requires familiarity with Identity Management (IDM) concepts

Skills and Abilities:
  • Requires strong analytical thinking skills
  • Requires excellent verbal and written communication skills
  • Requires excellent interpersonal skills and the ability to work effectively with others as a team
  • Requires excellent PC skills and demonstrated proficiency with MS Office Suite
  • Requires the ability to handle multiple tasks and prioritize effectively

Internal Relationships:
  • Legal Affairs IT Governance or IT Security Operations
  • Internal Customers/Users
  • Internal clients and constituents