IT Security Analyst II
Facility: Valleywise Health Medical Center
Department: IT Security
Schedule: Regular FT 40 Hours Per Week
Under the direction of the Director IT Security and Compliance this position will perform IT security analysis and assessments in accordance with established procedures and protocols. Ensures the demonstrable Confidentiality, Integrity and Availability (CIA) of Valleywise Health's information assets for authorized internal and external users by reviewing, validating, classifying, and responding to security events and cyber-attacks. The Information Technology Security Analyst will assist with meeting the requirements of all four domains (Security Oversight, IT Risk Assessment, Security Engineering, and Security Operations) and focus in depth upon the domain requirements of Security Operations and IT Risk Assessment. This position will provide education to others on IT security risk remediation/mitigation and industry best business practices.
- Requires a Bachelor's degree in Information Systems (IS) or related field; or an equivalent combination of training and progressively responsible experience that will result in the required specialized knowledge and abilities to perform the assigned work in lieu of degree. A Master's degree is preferred and may substitute for required experience.
- Requires at least three (3) years of progressively responsible information systems and application security analysis experience that demonstrates an understanding of the required knowledge, skills, and abilities.
- Prefer experience administering a SIEM solution.
- Requires Global Information Assurance Certificate (GIAC) Certified Incident Handler (GCIH) certification within 18 months of starting in the position.
- Must have a valid fingerprint clearance card issued by the Arizona Department of Public Safety OR submit a completed Affidavit at time of hire. Must complete fingerprint clearance card application within seven (7) days of hire date. Must present actual card within 90 days of applying for fingerprint clearance card.
Knowledge, Skills & Abilities:
- Must be able to analyze IT security threats, understand risk, articulate operational impact and work as part of a team dedicated to achieving and maintaining compliance to all applicable regulations.
- Requires the ability to provide guidance to senior management and peers in assessing and identifying threats and vulnerabilities.
- Must be able to perform IT security risk assessments, develop and resolve complex security related issues, recommend, develop and implement compensating controls to remediate or mitigate known risk and vulnerabilities to an acceptable level.
- A functional understanding of regulatory and compliance mandates, including but not limited to HIPAA, HITECH, PCI, Sarbanes-Oxley is preferred.
- Must be able to create, expand and maintain relationships with peers and stakeholders.
- Must be attentive to communications interaction; demonstrate comprehension of detailed information; and adapt to a variety of verbal styles and modes of persuasion.
- Must possess excellent conflict resolution skills and promote a cordial and professional work environment.
- Must be reliable and have the ability to inspire performance and take bold and decisive action despite risks and uncertainty.
- Requires the ability to read, write and speak effectively in technical and business English.