Sr Information Security Analyst
Canton MA Office
Point32Health
Learn more about Point32Health, a not-for-profit health and well-being company based in New England. You’ll also find more information on company achievements, health equity initiatives andPoint32Health’s family of companies, including Harvard...Who We Are
Point32Health is a leading health and wellbeing organization, delivering an ever-better personalized health care experience to everyone in our communities. At Point32Health, we are building on the quality, nonprofit heritage of our founding organizations, Tufts Health Plan and Harvard Pilgrim Health Care, where we leverage our experience and expertise to help people find their version of healthier living through a broad range of health plans and tools that make navigating health and wellbeing easier.
We enjoy the important work we do every day in service to our members, partners, colleagues and communities. To learn more about who we are at Point32Health, click here.
Job Summary
This position is responsible for analyzing the information security environment for Point32Health and developing security measures to safeguard the confidentiality, integrity, and availability of corporate information and data. In this role you will be expected to implement, monitor, assess and report on IT security, under guidance of senior staff. Reporting to the Cybersecurity Manager, the Security Analyst will work closely with IT teams across all threads where security applies.Key Responsibilities/Duties – what you will be doing
- Consult with Security and Infrastructure Services staff to evaluate and implement software systems that provide appropriate security.
- Communicate potential security exposures, misuse, or noncompliance situation to appropriate managers.
- Monitor security logs to identify potential security related events. Capture and report security metrics.
- Monitors security trends and assess potential uses of new technologies to meet identified business goals.
- Analyze business requirements and risks to technology implementation for security-related issues.
- Develop and produce systems monitoring and metrics reports and assess the content.
- Work with Technical Writers to document and review security policy and procedures.
- Participate in audits both internal and external as required.
- As required, participate on project teams, and manage the completion of all assigned project related tasks.
- Train information owners in the implementation of necessary security controls by developing and presenting information security awareness.
- Other duties as assigned
Qualifications – what you need to perform the job
Education, Certification and Licensure
- Bachelor’s degree in computer science with emphasis on IT security required or equivalent experience.
Experience (minimum years required):
- 5 – 7 years in systems security, including maintenance and use of security products in a distributed enterprise environment, and experience in compliance with federal security regulations.
Skill Requirements
- Specific working knowledge of and experience in the following work environments:
- Identity and Access Management
- SailPoint Identity Management
- PingFederate
- SiteMinder/Identity Manager/Provisioning Manager
- CyberArk PAM
- Cloud security
- Active Directory
- LDAP Directory Services
- Perl, Python, VBS and Java.
- Vulnerability scanning and management
- Intrusion Detection/Prevention System
- Virus & malware protection
- Advanced Threat Protection
- Public Key Infrastructure
- Data Loss Prevention
- Microsoft O365
- Firewalls
- VPN
- Forensics
- Mobile application security
- Operational data stores, data marts, data warehouse
- Security Information and Event Management (SIEM)
- N-tiered infrastructure patterns
- Windows and UNIX operating system environments
- Web portal technology and application servers, i.e. Apache Tomcat, WebLogic, WebSphere
- Data/Computer Operations technology integration and support
- CRM solutions/Salesforce
- Excellent communications skills both written and oral
Working Conditions and Additional Requirements (include special requirements, e.g., lifting, travel):
- Must be able to work under normal office conditions and work from home as required.
- Work may require simultaneous use of a telephone/headset and PC/keyboard and sitting for extended durations.
- May be required to work additional hours beyond standard work schedule.
The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position. Management retains the discretion to add to or change the duties of the position at any time.
Compensation & Total Rewards Overview
As part of our comprehensive total rewards program, colleagues are also eligible for variable pay. Eligibility for any bonus, commission, benefits, or any other form of compensation and benefits remains in the Company's sole discretion and may be modified at the Company’s sole discretion, consistent with the law.
Point32Health offers their Colleagues a competitive and comprehensive total rewards package which currently includes:
Medical, dental and vision coverage
Retirement plans
Paid time off
Employer-paid life and disability insurance with additional buy-up coverage options
Tuition program
Well-being benefits
Full suite of benefits to support career development, individual & family health, and financial health
For more details on our total rewards programs, visit https://www.point32health.org/careers/benefits/
Commitment to Diversity, Equity, Inclusion, Accessibility (DEIA) and Health Equity
Point32Health is committed to making diversity, equity, inclusion, accessibility and health equity part of everything we do—from product design to the workforce driving that innovation. Our Diversity, Equity, Inclusion, Accessibility (DEIA) and Health Equity team's strategy is deeply connected to our core values and will evolve as the changing nature of work shifts. Programming, events, and an inclusion infrastructure play a role in how we spread cultural awareness, train people leaders on engaging with their teams and provide parameters on how to recruit and retain talented and dynamic talent. We welcome all applicants and qualified individuals, who will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.
Scam Alert: Point32Health has recently become aware of job posting scams where unauthorized individuals posing as Point32Health recruiters have placed job advertisements and reached out to potential candidates. These advertisements or individuals may ask the applicant to make a payment. Point32Health would never ask an applicant to make a payment related to a job application or job offer, or to pay for workplace equipment. If you have any concerns about the legitimacy of a job posting or recruiting contact, you may contact TA_operations@point32health.org
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Active Directory Application security Audits Cloud Compliance Computer Science Cyberark Firewalls Forensics IAM Intrusion detection Java LDAP Malware Monitoring Nonprofit Perl Python SailPoint SIEM Strategy Tomcat UNIX VPN Windows
Perks/benefits: Career development Competitive pay Equity / stock options Gear Health care Insurance Salary bonus Team events
More jobs like this
Explore more career opportunities
Find even more open roles below ordered by popularity of job title or skills/products/technologies used.