Sr IT Security Analyst

Overview

At Houston Methodist, the Sr. IT Security Analyst position is responsible for responding to Information Technology security issues throughout the organization and managing IT Security tools used to defend Houston Methodist. Identifies security issues and supports the development of security architecture solutions and implementation plans. This position independently performs security audits and risk assessments. Provides security guidance to stakeholders throughout the organization. Interfaces with technical and non-technical end users and other internal/external groups to assist with security issues and opportunities.

 

Key Responsibilities

• Deploy and manage Extended Detection and Response (XDR) solutions to enhance threat detection and response capabilities.
• Oversee Managed Detection and Response (MDR) services to ensure effective monitoring and incident response.
• Implement and maintain Microsoft Defender for Endpoint (MDE) solutions to protect against malware, ransomware, and other threats.
• Monitor and analyze endpoint security alerts to identify potential security breaches.
• Manage and optimize Security Information and Event Management (SIEM) systems for continuous monitoring and analysis of security events.
• Monitor and troubleshoot security-related issues to ensure seamless protection and access control.
• Conduct regular security assessments and vulnerability scans to identify and address potential risks.
• Develop and implement risk mitigation strategies to enhance the organization’s security posture.
• Collaborate with cross-functional teams to enhance security protocols and integrate security measures into all aspects of the organization’s operations.
• Stay updated with the latest industry trends and best practices in security technologies.
• Provide technical guidance and support to IT staff and end-users.

Skills

• In-depth knowledge of XDR and MDR solutions, including configuration, management, and optimization.
• Strong understanding of Microsoft Defender for Endpoint (MDE) tools and technologies.
• Excellent problem-solving and troubleshooting skills.
• Strong communication and interpersonal skills.
• Ability to analyze complex security data and identify patterns indicative of potential threats.
• In-depth understanding of security best practices and compliance requirements.
• Experience in developing and implementing policies to ensure regulatory compliance.
• Commitment to staying updated with the latest security trends, threats, and technologies.
• Participation in ongoing training and certification programs to enhance security expertise.

 

 

Houston Methodist Standard

HOUSTON METHODIST EXPERIENCE EXPECTATIONS

• Provide personalized care and service by consistently demonstrating our I CARE values:
  • INTEGRITY: We are honest and ethical in all we say and do.
  • COMPASSION: We embrace the whole person including emotional, ethical, physical, and spiritual needs.
  • ACCOUNTABILITY: We hold ourselves accountable for all our actions.
  • RESPECT: We treat every individual as a person of worth, dignity, and value.
  • EXCELLENCE: We strive to be the best at what we do and a model for others to emulate.

• Practices the Caring and Serving Model

• Delivers personalized service using HM Service Standards

• Provides for exceptional patient/customer experiences by following our Standards of Practice of always using Positive Language (AIDET, Managing Up, Key Words)

• Intentionally collaborates with other healthcare professionals involved in patients/customers or employees' experiential journeys to ensure strong communication, ease of access to information, and a seamless experience

• Involves patients (customers) in shift/handoff reports by enabling their participation in their plan of care as applicable to the given job

• Actively supports the organization's vision, fulfills the mission and abides by the I CARE values

Responsibilities

PEOPLE ESSENTIAL FUNCTIONS

• Interfaces with stakeholders throughout the organization to recommend and resolve security issues related to implementation of network, systems and applications security.

• Utilizing a variety of channels, effectively presents security policies, procedures and awareness programs to technical and non technical audiences across the organization.

• Confers with management, programmers and other appropriate stakeholders to support the identification of security applications and data.

• Mentors more junior staff and serves as role model regarding appropriate security guidelines and protocols.

SERVICE ESSENTIAL FUNCTIONS

• Independently responds to high level, complex security request. Proactively monitors potential threats. Prioritizes request tickets.

• Provides guidance, recommendations and documented security configurations for implementation of security tools and processes.

• Independently identifies security issues. Resolves as appropriate and makes recommendations for solutions to department management and stakeholders.

• Supports the definition of security frameworks for existing and new systems and the implementation of new security procedures and appropriate.

QUALITY/SAFETY ESSENTIAL FUNCTIONS

• Performs security audits and risk assessments. Maintains and updates necessary documentation to support security strategies by outlining requirements and benefits of specific security tools and solutions. This includes diagrams, security standards and disaster recovery plans. Makes recommendations for improvements.

• Applies advanced security skills and expertise to independently design, develop, deploy, monitor, maintain and control the suite of tools used by the Information security team to protect Methodist's assets.

• Efficiently manages assigned projects. Provides up to date reports and project and task progress. Tracks incoming and existing issues. May oversee project progress of more junior team members and provide guidance as needed.

FINANCE ESSENTIAL FUNCTIONS

• Utilizes effective time management and efficient utilization of department resources. Seeks out opportunities to increase efficiency and productivity for self and department.

• Supports team goals and metrics through efficient, timely and appropriate issue resolution.

GROWTH/INNOVATION ESSENTIAL FUNCTIONS

• Proactively stays abreast of industry standards and trends. Evaluates existing security policies and procedures and makes suggestions for improvement based on industry trends and business factors.

• Proactively manages own professional development. Completes Individual Development Plan (IDP).

This job description is not intended to be all-inclusive; the employee will also perform other reasonably related business/job duties as assigned. Houston Methodist reserves the right to revise job duties and responsibilities as the need arises.

Qualifications

EDUCATION

• Bachelor's Degree. An additional four years experience in addition to the minimum experience requirements below required in lieu of degree.

WORK EXPERIENCE

• Six years of technical IT experience such as Field Operations or Desktop Support to include at least two years experience in Information Security.

License/Certification

LICENSES AND CERTIFICATIONS - REQUIRED

• N/A

LICENSES AND CERTIFICATIONS - PREFERRED

• CISSP - Certified Information Systems Security Professional (IISSCC)

KSA/ Supplemental Data

KNOWLEDGE, SKILLS, AND ABILITIES

• Demonstrates the skills and competencies necessary to safely perform the assigned job, determined through on-going skills, competency assessments, and performance evaluations

• Sufficient proficiency in speaking, reading, and writing the English language necessary to perform the essential functions of this job, especially with regard to activities impacting patient or employee safety or security

• Ability to effectively communicate with patients, physicians, family members and co-workers in a manner consistent with a customer service focus and application of positive language principles

• Expert Knowledge of infrastructure security

• Expert Knowledge of endpoint security protection systems

• Expert Knowledge of advanced enterprise security systems, mobile/portable data security and enterprise secure email delivery.

• Expert Knowledge and experience in programming/scripting languages.

• Expert Knowledge of remote security exploits and vulnerabilities

SUPPLEMENTAL REQUIREMENTS

WORK ATTIRE

• Uniform No
• Scrubs No
• Business professional No
• Other (department approved) No

ON-CALL**Note that employees may be required to be on-call during emergencies (ie. DIsaster, Severe Weather Events, etc) regardless of selection below.

• On Call* Yes

TRAVEL****Travel specifications may vary by department**

• May require travel within the Houston Metropolitan area Yes
• May require travel outside Houston Metropolitan area No

Company Profile

Houston Methodist (HM) is one of the nation’s leading health systems and academic medical centers.  HM consists of eight hospitals: Houston Methodist Hospital, its flagship academic hospital in the heart of the Texas Medical Center, and seven community hospitals throughout the greater Houston metropolitan area.  HM also includes an academic institute, a comprehensive residency program, a global business division, numerous physician practices and several free-standing emergency rooms and outpatient facilities.  Overall, HM employs over 25,000 employees.   Houston Methodist is supported by a wide variety of business functions that operate at the system level to help enable clinical departments to provide the best patient care and service in a spiritual environment.

 

In 2019 Houston Methodist and its physicians treat more than 6,333 international patients from more than 76 countries. Houston Methodist Global Health Care Services’ consulting and education divisions also provide advisory services and training and development to health care organizations around the world.