Security Analyst

R1 RCM Inc. is a leading provider of technology-enabled revenue cycle management services which transform and solve challenges across health systems, hospitals and physician practices. Headquartered in Chicago, R1® is a publicly-traded organization with employees throughout the US and international locations.

Our mission is to be the one trusted partner to manage revenue, so providers and patients can focus on what matters most. Our priority is to always do what is best for our clients, patients and each other. With our proven and scalable operating model, we complement a healthcare organization’s infrastructure, quickly driving sustainable improvements to net patient revenue and cash flows while reducing operating costs and enhancing the patient experience.

We are looking for a self-motivated Cybersecurity Analyst to join the R1 Cybersecurity Operations Team. We have a relentless focus on driving results for our customers and enabling them to invest more in patient care; in turn, this allows us to continue to grow our company and your career.

The successful candidate must be well-versed in security operations, cyber security tools, intrusion detection, and secured networks. They will serve as an expert and be responsible for providing network and security operations technical analysis, assessment, and recommendations in the areas of real-time security situational awareness, operational network system and applications systems security monitoring.

Responsibilities:

• Monitoring various security tools (e.g., Crowdstrike, Proofpoint, MS Sentinel, Azure VM ) to identify potential incidents, network intrusions, and malware events, etc. to ensure confidentiality, integrity, and availability of R1’s architecture and information systems are protected

• Reviewing and analyzing log files to report any unusual or suspect activities.

• Utilize incident response use-case workflows to follow established and repeatable processes for triaging and escalating.

• Generating trouble tickets and performing initial validation and triage to determine whether incidents are security events using open-source intelligence (OSINT)

• Following established incident response procedures to ensure proper escalation, analysis and resolution of security incidents.

• Analyzing and correlating incident event data to develop preliminary root cause and corresponding remediation strategy.

• Providing technical support for new detection capabilities, recommendations to improve upon existing tools/capabilities to protect the R1’s network, and assessments for High Value Assets.

• In this role, the successful candidate will maintain and monitor compliance with enterprise change management policies and procedures.

• Develop and maintain metrics & reports on the status of the R1 cyber security operations program.

• Attend and participate in Cyber security projects and the change management process. This includes interacting with business units and technical teams to understand what is coming and how their projects can be more secure from the beginning.

• As part of the overall Cybersecurity Operations Team, work in tandem with the security operations center (SOC), incident responders (when anomalous activity and host compromise occurs), and technology infrastructure and development team members.

• Participate in established incident response procedures to ensure proper escalation, analysis and resolution of security events and incidents.

• Managing and maintaining change detection and auditing tools

• Researching technology and application processing environments, operation, and associated user workflow to design, build, configure, implement, and document change compliance and audit rules within designated technologies.

• Reconciling changes detected by the system to authorized changes documented in service desk and change management applications.

• Analyzing large volumes of security event data from a variety of sources to identify suspicious and malicious activity.

• Documenting, logging and investigating security incidents.

• Performing case management throughout the incident lifecycle for moderately complex security incidents

• Design, build, and documenting security technology standards, processes, and operational workflows

• Operating and maintaining physical security monitoring systems

• Review, investigate, track, and monitor viruses and malware propagation and eradication throughout the enterprise.

• Monitoring compliance with enterprise security, compliance, and change management programs, policies, and processes

• Researching Threat Intelligence sources on the latest malware, trends, patches in order to keep the Security Program up-to-date.

• Providing metrics & reports on the status of tools, environments, and assets within the organization.

• Database and Application security to prevent attacks via Input Validation, Cross-Site Scripting, Buffer Overflow…etc

Required Qualifications:

• A minimum of 4 years of professional experience in an IT-related field

• Intermediate knowledge of security, monitoring, and networking technologies, tools, protocols and standards

• Knowledge of security policy, programs, process, and metrics

• CompTIA Security+ certification or equivalent professional experience in security operations

• Intermediate or advanced security, networking, or audit certification

• Recent experience with static and/or dynamic code review process

• Strong drive and passion to deliver distinctive end-products, a quick learner with a strong attention to detail and quality.

• Excellent interpersonal and communication skills

Desired Qualifications:

• A Bachelor’s degree in a technical discipline (e.g., Computer Science, Business Analyst, etc.)

• Certification (or ability to obtain certification) in at least one of the following areas: General Security (CISSP), Incident Handling (GCIH), Cloud Security (GCLD, Cloud+, CCSK), and Ethical Hacking (CEH)

• Experience with advanced cyber security tools, network topologies, intrusion detection, and secured networks 

• In-depth understanding of NIST SP 800-61, SOC 2 AICPA controls and frameworks. 

Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions.  Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests.

Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package.  To learn more, visit: R1RCM.com. 

R1 RCM Inc. (“the Company”) is committed to the principles of equal employment opportunity. The Company’s practices and employment decisions, including those regarding recruitment, hiring, assignment, promotion, compensation, benefits, training, discipline, and termination shall not be based on any person’s age, color, national origin, citizenship status, physical or mental disability, medical condition, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status or any other characteristic protected by federal, state or local law. Furthermore, the Company is committed to providing a workplace free from harassment based on any of the foregoing protected categories.

Working in an evolving healthcare setting, we use our shared expertise to deliver innovative solutions. Our fast-growing team has opportunities to learn and grow through rewarding interactions, collaboration and the freedom to explore professional interests.

Our associates are given valuable opportunities to contribute, to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more, visit: r1rcm.com

Visit us on Facebook