Security Analyst II
Department Description: This role is providing support on the Beth Israel Lahey Health IT team. This role is on the Cyber Security Service Line team.
Job Location: Boston, Massachusetts
Req ID: 42667BR
Job Summary: Responsible for ensuring a secure computing environment throughout the organization. Implement security services, systems, policies, and procedures for protecting information assets from threats, both external and internal. Provide advanced skills in identifying and eliminating security risks, threats, and vulnerabilities.
- Serve as subject matter expert for internal security analysis processes
- Monitor and analyze across multiple security platforms (SEIM, Firewall, IDS/IPS, Full Packet Captures, etc).
- Assess the security impact of alerts and anomalies.
- Develop reports to describe high impact security issues.
- Maintain a strong awareness and understanding of the current threat landscape.
- Participate in root cause analysis of critical events.
- Coordinate remediation efforts.
- Conduct research on emerging security threats, especially as they relate to medical devices.
- Performs related duties as assigned.
- Required to be on-call periodically.
- High School diploma or GED required. Bachelor's degree preferred.
- 3-5 years related work experience required.
- Working knowledge and experience with open-source security tools.
- Must demonstrate and maintain current knowledge of industry trends and technologies. Must be able to work independently and consultatively to apply applicable IT security rules, regulations, policies and procedures.
- Working knowledge of HIPAA framework, ePHI, HITRUST, ISO and NIST.
- Advanced technical computer skills as required for technical support specific to functional area and related systems.
- Expertise in data/trend analysis and report creation.
- Experience in programming/OS scripting.
- Working knowledge of malware analysis.
- Decision Making: Ability to make decisions that are guided by general instructions and practices requiring some interpretation. May make recommendations for solving problems of moderate complexity and importance.
- Problem Solving: Ability to address problems that are varied, requiring analysis or interpretation of the situation using direct observation, knowledge and skills based on general precedents.
- Independence of Action: Ability to follow precedents and procedures. May set priorities and organize work within general guidelines. Seeks assistance when confronted with difficult and/or unpredictable situations. Work progress is monitored by supervisor/manager.
- Written Communications: Ability to communicate clearly and effectively in written English with internal and external customers.
- Oral Communications: Ability to comprehend and converse in English to communicate effectively with medical center staff, patients, families and external customers.
- Knowledge: Ability to demonstrate full working knowledge of standard concepts, practices, procedures and policies with the ability to use them in varied situations.
- Team Work: Ability to work collaboratively in small teams to improve the operations of immediate work group by offering ideas, identifying issues, and respecting team members.
- Customer Service: Ability to provide a high level of customer service to patients, visitors, staff and external customers in a professional, service-oriented, respectful manner using skills in active listening and problem solving. Ability to remain calm in stressful situations.
Physical Nature of the Job:
Sedentary work: Exerting up to 10 pounds of force occasionally in carrying, lifting, pushing, pulling objects. Sitting most of the time, with walking and standing required only occasionally
BIDMC is EOE M/F/VET/DISABILITY/GENDER IDENTITY/SEXUAL ORIENTATIONVaccines
As a health care organization, we have a responsibility to do everything in our power to care for and protect our patients, our colleagues and our communities. BILH requires that all staff be vaccinated against influenza (flu) and COVID-19 as a condition of employment. Learn more about this requirement