IT Security Analyst - FT - HPW - Pennington, NJ

Capital Health is the region's leader in providing progressive, quality patient care with significant investments in our exceptional physicians, nurses and staff, as well as advance technology. Capital Health is a five-time Magnet-Recognized health system for nursing excellence and is comprised of 2 hospitals. Capital Health Medical Group is made up of more than 250 physicians and other providers who offer primary and specialty care, as well as hospital-based services, to patients throughout the region.

Capital Health recognizes that attracting the best talent is key to our strategy and success as an organization.  As a result, we aim for flexibility in structuring competitive compensation offers to ensure we can attract the best candidates.

Minimum Pay:

Position Overview

HYRBRID POSITION IN PENNINGTON, NJ

Minimum Pay: $48.99

SUMMARY

The IT Security Analyst develops and maintains information security policies and workforce security training and awareness. The IT Security Analyst serves as a critical resource for staff and leaders regarding information security policy implementation, interpretation, and compliance. The IT Security Analyst assesses and prioritizes information security and cybersecurity risk across the organization, facilitates compliance with regulatory requirements and information security policies, and develops and reports on information security metrics.

MINIMUM REQUIREMENTS

Education: Bachelor's degree in a relevant field or equivalent experience.

Experience: Demonstrated experience in cybersecurity or related roles. Experience with NIST CSF, HIPAA or other security frameworks a plus.

Other Credentials: Relevant certifications such as CompTIA Security+.

Certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), etc. preferred.

Knowledge and Skills: Knowledge of desktop support, networking and security technologies. Experience with desktops, servers, storage, virtualization, networking and security technologies.

Special Training: A+, Network+, Security+, CCENT, or other IT security certifications are a plus.

Usual Work Day: 8 Hours 

ESSENTIAL FUNCTIONS

• Performs detailed security reviews of systems, applications, and infrastructure components.

• Documents and communicates review findings, providing actionable recommendations to enhance security.

• Conducts third-party risk assessments to ensure supply chain risk is managed throughout the vendor's lifecycle.

• Assesses and reports on the vendor risks and benefits for the business as well as mandates for supplier compliance.

• Leads vulnerability management program by conducting regular vulnerability scans across the organization's infrastructure, applications, and network assets.

• Analyzes and prioritizes vulnerability scan results, working with IT teams to implement remediation efforts.

• Acts as security subject matter expert for projects and conducts security reviews of IT project designs, provides guidance and recommendations that align with organizational policy and best practices.

• Monitors security alerts, analyzes incidents, and contributes to incident response activities.

• Facilitates the remediation of security gaps reported within risk register, security audits and assessments, and escalates critical issues to leadership.

• Manages an exception review and approval process, and assures exceptions are documented and periodically reviewed.

• Supports workforce security activities including culture, awareness, and training.

• Contributes to the development and delivery of security awareness training for employees.

• Research, recommend, and contribute to information security polices, standards, and procedures. Assists with the lifecycle management of information security policies and supporting documents.

• Facilitates and coordinates examinations by qualified security assessors for regulations such as HIPAA and NIST. Works closely with control owners and external assessors to ensure requests are completed timely and necessary evidence is gathered.

• Stays abreast of the latest threat intelligence and security trends.

• Utilizes threat intelligence to enhance the organization's ability to detect and respond to emerging threats.

• Collaborates closely with the Security Operations team to understand day-to-day operational challenges and contribute to effective solutions.

• Participates in incident response activities, ensuring a coordinated and efficient response to security incidents.

• Maintains comprehensive documentation of security assessments and reviews, vulnerability management activities, TPRM activities, and security awareness training activities. 

• Generates regular reports on security metrics.

• Fosters a culture of security awareness and best practices within the organization.

• Stays informed about industry best practices, emerging threats, and advancements in cybersecurity.

• Pursues relevant certifications and training opportunities to enhance expertise.

• Performs other duties as assigned.

PHYSICAL DEMANDS AND WORK ENVIRONMENT

Frequent physical demands include:
Occasional physical demands include: Standing , Walking , Climbing (e.g., stairs or ladders) , Carry objects , Push/Pull , Twisting , Bending , Reaching forward , Reaching overhead , Squat/kneel/crawl , Wrist position deviation , Pinching/fine motor activities. Continuous physical demands include: Sitting, Keyboard use/repetitive motion. Lifting Floor to Waist 15 lbs. Lifting Waist Level and Above 10 lbs. Sensory Requirements include: Accurate near Vision, Accurate Far Vision, Color Discrimination, Minimal Depth Perception, Accurate Hearing

Offers are contingent upon successful completion of our onboarding process and pre-employment physical.  Capital Health will require all applicants to have an annual flu vaccine prior to start date, with the exception of individuals with medical and religious exemptions.

"Company will never ask candidates for social security numbers or date of birth during application phase. If you are asked for this information online, you may be a target for identity theft."

For benefit eligible roles, in addition to cash compensation, we provide a comprehensive and highly competitive benefits package, with a variety of physical health, retirement and savings, caregiving, emotional wellbeing, transportation, robust PTO plan, overtime to eligible roles, and other benefits, including "elective" benefits employees may select to best fit the needs and personal situations of our diverse workforce.

The pay rate listed is a good faith determination of potential base compensation that may be offered to a successful applicant for this position at the time of this job advertisement and may be modified in the future. When determining base salary and/or rate, several factors may be considered including, but not limited to location, years of relevant experience, education, credentials, negotiated contracts, budget, market data, and internal equity.  Bonus and/or incentive eligibility are determined by role and level.

The salary applies specifically to the position being advertised and does not include potential bonuses, incentive compensation, differential pay or other forms of compensation, compensation allowance, or benefits health or welfare.  Actual total compensation may vary based on factors such as experience, skills, qualifications, and other relevant criteria.