Security Analyst
Oak Brook, IL, United States
Streamlines mission is to build innovative technology solutions that empower people who improve behavioral health and quality of life of those in need. We are a high growth technology company that delivers web-based software for healthcare organizations to provide and coordinate all service delivery processes. Streamline has been offering software in the behavioral health marketplace since 2003. Streamline has built and maintains systems for some of the nations premier behavioral health organizations using the latest web-based technology.
Streamline offers competitive compensation and benefits packages as well as a challenging, yet flexible, work environment that is conducive to collaboration and productivity. A career with Streamline Healthcare Solutions provides opportunities for growth and continued learning in a workplace where individual contribution is valued and recognized. Join us, and advance your career today with a company that is on the cutting edge of the behavioral healthcare technology industry.
Here at Streamline, we strive on building lasting and trusting relationships with our clients, and our employees set the bar.
Job Overview:
The Security Analyst is a hands-on role that will lead the monitoring and maintaining of
Streamlines security perimeter and make recommendations, based on analysis and findings, for
security improvements. This position will apply solid technical, business, and problem solving skills to
diagnose and resolve issues. The Security Analyst will coordinate with vendors, customers, and
Streamline staff to ensure company documentation (procedures, processes, contractual language,
best practices, configuration specifications) is in place and kept up-to-date. This position will
participate in the monthly server maintenance schedule.
The IT Security Analyst will lead efforts ensuring compliance with HIPAA, NIST (and other security
frameworks), FISMA, FedRAMP, and other regulations and best practices. The Security Analyst will
work independently to understand security needs and develop/support security solutions. The
Security Analyst will assist, consult, train and mentor other NOC team members and Support Team
staff and provide direct technical guidance with tasks as necessary. Other responsibilities include
facilitating customer meetings and periodically facilitating security training sessions for staff and
customers.
Essential Job Functions:
Track and resolve identified security issues as identified in penetration tests, security audits, Streamlines security risk assessment program, Azure Tools (Microsoft Defender for Cloud - formerly Azure Security Center and Azure Defender), and other security tools.
Ensure compliance with Streamlines Disaster Recovery and Business Continuity plans (including periodic testing and desktop exercises)
Work with internal and external parties in support of IT compliance-related documentation requests, corrective actions, and incident response reporting
Secure network, hardware, desktops, laptops, mobile devices and all company data
Routinely perform internal and external risk analysis, security audits, vulnerability assessment, and penetration testing
Monitor traffic and regularly review various logs from routers, UTMs, firewalls, intrusion prevention systems. Configure and monitor SIEM logs and events and work with designated Managed Detection and Response vendors.
Develop and implement security policies
Identify areas of non-compliance and make recommendations for achieving compliance
Coordinate data destruction and secure disposal of hardware
Actively work to reduce risk levels of data loss from malware, antivirus and ransomware
Have a good understanding of general networking concepts and protocols
Monitor, assess, and report compliance with internal controls including segregation of duties, authorizations, access control, and general IT controls related to the confidentiality, integrity, and availability of customer data
Monitor the organizations networks and systems for security breaches or intrusions; develop and/or activate contingency planning in the event of a security breach
Evaluate the design and effectiveness of IT controls based upon industry best-practice models (e,g. ITIL, FISMA, NIST, etc.)
Job Requirements:
Bachelor's degree from four-year college or university in Business Administration, Information Systems Management, or other relevant fields; or 6+ years related experience and/or training; or equivalent combination of education and experience. 5+ years of experience in support services or technology management.
Minimum 5 years of experience directly related to information security
Five plus years working experience with FISMA, HIPAA and/or NIST 800-53
SSCP (Systems Security Certified Practitioner), CISSP (Certified Information Systems Security Professional) or CEH (Certified Ethical Hacker) certification is preferred
Experience with using security tools such as NMAP, Qualys, and SIEMs
3+ years of security experience with Azure Cloud (or other cloud provider)
Excellent written and oral communication skills
Strong critical thinking, analytical thinking, and problem-solving abilities
#J-18808-Ljbffr