SECURITY ANALYST II - IT SECURITY

Become part of the Beebe team - an inclusive team positioned in a vibrant, coastal community. Enjoy a fulfilling career as you support the health of our patients and a team focused on excellence.

Benefits

In addition to competitive compensation and wellness benefits (medical, dental, vision and prescription) Beebe Healthcare also offers:

• Sign-on and Referral Bonuses for select positions
• Tuition Assistance up to $5,000
• Paid Time Off
• Long Term Sick accrual
• Employer Contribution Plan
• Free Short and Long-Term Disability for Full Time employees
• Zero copay for drugs on prescription plan for certain conditions
• College Bound 529 Savings Plan
• Life Insurance
• Beebe Perks via Work Advantage
• Employee Assistance Program
• Pet Insurance

1. Demonstrates strong knowledge and proficiency in Information Security principles, regulations, standards, risk management methodologies, business continuity and change management, network security architecture and design, and solid understanding of network security issues, and project management principles. 

2. Demonstrates proficient data gathering techniques and the ability to troubleshoot information security issues and develop solutions. 

3. Demonstrates knowledge and proficiency in Firewall concepts and products (e.g., Cisco), Access Control, Authentication, Secure VPNs (Cisco). 

4. Demonstrates proficiency in data mining and querying techniques. 

5. Demonstrates knowledge of security architecture/engineering standards, including corporate firewalls technology, access control, authentication, virtual private networks. 

6. Has some experience in penetration testing techniques. 

7. Knowledge of industry standards for the use of forensic tools and collection of evidence. 

8. Works with minimal supervision in support of team initiatives and assists and educates Information Security Analyst I personnel. 

1. Works with other InfoSec personnel and database team and the enterprise solution architects to define compliance risk-related requirements (HIPAA, PCI, HITECH, and Joint Commission) for existing infrastructure and future architectures. This could potentially include supporting the CISO with on-demand security related requests from clinical and corporate groups on an ad-hoc basis. 

2. Participates in the review, test, and integration of security tools. 

3. Develops information security training materials for BEEBE end users and validates that BEEBE personnel are aware of their responsibilities and accountability as outlined in the security policies. Performs hand-on technical work in support of daily Security Operations activities by performing vulnerability management assessments on a set frequency and reporting results to the Manager of Information Security via use of approved departmental solutions and toolkits. 

4. Performs eDiscovery activities with supervision by collecting evidence and maintaining chain of custody of records. 

5. Support business continuity and change management teams in related processes that include information security standards. 

6. Performs risk analysis and risk assessment activities to support regulatory requirements related to financial, healthcare industries or related accreditation requirements (e.g., HIPAA Security and Privacy Rules) 

7. Facilitates analysis of security issues with respect to interfaces, databases, and other related 

Experience Required: 

1. 3 - 6 years related work experience in information security, risk management, 2 years of experience with security engineering, security architecture concepts 

2. At least 1 year of performing security operational duties (vulnerability assessments, eDiscovery, third party risk management) 

3. At least 1 year of Robotic Process Automation experience preferred (Power Automate, Automation Anywhere) 

4. Good knowledge of basic database query techniques & data mining to analyze data (e.g., Excel, SQL, Access, Business Objects) or other related database functionality. 

5. Project management skills & experience with MS productivity tools (Access, Word, PowerPoint, Visio, and Project). 

6. Knowledge of Microsoft Active Directory, and UNIX environments. 

7. Experience implementing application-level security in clinical and financial systems (e.g., Epic, Lawson). ERP experience a plus (PeopleSoft, SAP). 

8. General understanding of networking and communication techniques including WANs, LANs, Internet, Intranet, protocols, such as TCP/IP and their impact on security. 

9. Security engineering, standards and leading practices 

10. Strong knowledge of corporate Firewalls (Cisco), Access Control, Authentication, Cisco Routers and switches, Secure VPNs. 

11. Some experience in penetration testing, techniques, and toolsets 

12. Some experience with intrusion prevention systems (Sentinel One, Cisco) 

13. Some experience with vulnerability assessment solutions and services (Nessus, OWASP Zap) 

14. Knowledge of industry standards for the use of forensic tools and collection of evidence 

Education Required: 

1. Bachelors degree in computer science or related field or equivalent work experience required.