Cyber Security Analyst I

IT Services  
Full Time
Day Shift 
M-F 7/8a-4/5p AND Alt On-Call

Consistently named best hospital, Lexington Medical Center dedicates itself to providing quality health services that meet the needs of its communities. Ranked #1 in the Columbia metro area by U.S. News & World Report, Lexington Medical Center is the only hospital named one of the Best Places to Work in South Carolina and the first hospital in the state to achieve Magnet with Distinction status for excellence in nursing care.

The 607-bed teaching hospital anchors a health care network that includes six community medical centers and employs more than 8,700 health care professionals. The network includes a cardiovascular program recognized by the American College of Cardiology as South Carolina’s first HeartCARE CenterTM and an accredited Cancer Center of Excellence affiliated with MUSC Hollings Cancer Center for research and education. The network also features an occupational health center, the largest skilled nursing facility in the Carolinas, an Alzheimer’s care center and nearly 80 physician practices.  Its postgraduate medical education programs include family medicine and transitional year.

Job Summary

Under the general direction of the Manager, Information Security, the Cyber Security Analyst I (CSA1) is responsible for assisting with the day-to-day operations of securing our information systems, network, and data. The CSA1 is tasked with providing technical expertise in all areas of network, system, and application security. The CSA1 works closely with the various teams in the Information Technology department to ensure that systems and networks are always designed, developed, deployed, and managed with an emphasis on strong, effective security and risk management controls. The CSA1 researches and reports on emerging threats to help our organization take pre-emptive risk mitigation steps. The CSA1 effectively correlates and analyzes security events within the context of Lexington Medical Center's unique environment to proactively detect threats and mitigate attacks before they occur.

Minimum Qualifications

Minimum Education: Associate's Degree in Computer Science, Information Technology, or Cybersecurity
Minimum Years of Experience: 2 Years of Direct IT Technical Experience or Cyber Security Experience

*Those with an Active CEH, SSCP, CASP+,OSCP, or other Applicable Certifications Approved by Leadership May Be Credited up to 2 Years Towards this Experience.
Substitutable Education & Experience (Optional): In lieu of above, the following combinations will be considered:

High School Diploma and 4 Years* of Direct IT Technical Experience or Cyber Security Experience;

Bachelor's or Master's Degree in Computer Science, Information Technology, or Cybersecurity;

*Those with active CEH, SSCP, CASP+,OSCP, or other applicable certifications approved by leadership may be credited up to 2 years towards the above required experience.
Required Certifications/Licensure: CompTIA Security+,  Cybersecurity Analyst (CySA+), or Equivalent
Required Training: Working knowledge of basic networking and information system principles of enterprise-class technologies such as firewalls, routers, switches, wireless, VPN's, and desktop and server operating systems;

Working knowledge of Microsoft's enterprise technology platforms (Active Directory, Exchange, Office 365);

Base technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, anti-malware solutions, automated policy compliance tools, firewalls, intrusion protection systems, and desktop security tools;

Fundamental knowledge of network traffic alerts to assess, prioritize and differentiate between potential intrusion attempts and false alarms.
 

Essential Functions

• Perform duties as a cybersecurity analyst for the information technology security infrastructure (Physical, Administrative, and Technical) to safeguard company assets, protected and regulated data, intellectual property, and computer systems. Information protection responsibilities include, but are not exclusive to: network security architecture, network/system access, controls and monitoring policies, employee education and awareness, and audits and reporting.
• Proactively monitor the environment to detect and implement steps to mitigate cyber-attacks before they occur.
• Finds trends, patterns, or anomaly correlations utilizing security-relevant data.  Recommends proactive security measures.
• Participate in the Investigation of security violations and breaches - may prepare reports on intrusions as needed.
• Participation in incident response including, but not limited to planning response activities, detecting security violations, coordinating containment and/or eradication measures, and coordination of post incident review and corrective actions.
• Review, investigate, and respond to real-time alerts within the environment.
• Review real-time and historical reports for security and/or compliance violations.
• Monitor online security-related resources for new and emerging cyber threats.

Duties & Responsibilities

• Assesses new security technologies to determine potential value for the enterprise.
• Conducts vulnerability assessments of firm systems and networks.
• Leverage knowledge of commonly used network protocols and detection methods to defend against related abuses.
• Manage systems owned by the Information Security Team.
• Serve as a security resource to all levels of workforce and customer base including: executive management departmental employees, patients and students, and external bodies such as state agencies.
• Assist in the identification of protection goals, objectives and metrics consistent with corporate strategic plan and regulatory requirements.
• Escalate alerts that require additional analysis to Level 2 analysts as needed.
• Performs all other duties as assigned.

We are committed to offering quality, cost-effective benefits choices for our employees and their families:

• Day ONE medical, dental and life insurance benefits 
• Health care and dependent care flexible spending accounts (FSAs)
• Employees are eligible for enrollment into the 403(b) match plan day one.  LHI matches dollar for dollar up to 6%.
• Employer paid life insurance – equal to 1x salary
• Employee may elect supplemental life insurance with low cost premiums up to 3x salary 
• Adoption assistance
• LHI provides its full-time employees employer paid short-term disability and long-term disability coverage after 90 days of eligible employment
• Tuition reimbursement
• Student loan forgiveness

Equal Opportunity Employer
It is the policy of LMC to provide equal opportunity of employment for all individuals, and to remain compliant with applicable state and federal laws and regulations. LMC strives to provide a discrimination-free environment, and to recruit, select, on-board, and employ all employees without regard to race, color, religion, sex, age, disability, national origin, veteran status, or pregnancy, childbirth, or related medical conditions, including but not limited to, lactation. LMC endeavors to upgrade and promote employees from within the hospital where possible and consistent with the employee’s desires and abilities and the hospital’s needs.