Sr. Security Analyst

style="box-sizing: border-box;" style="box-sizing: border-box;" A county organized health system, CalOptima provides publicly funded health care coverage for low-income children, adults, seniors and people with disabilities in Orange County, CA. CalOptima's mission is to provide members with access to quality health care services delivered in a cost-effective and compassionate manner. In total, CalOptima serves nearly 800,000 members with a network of more than 9,000 primary care doctors and specialists, as well as 40 acute and rehab hospitals. style="box-sizing: border-box;" style="box-sizing: border-box;" Sr. Security Analyst style="box-sizing: border-box;" This position establishes and performs procedures necessary to ensure the security of information systems assets and to protect them from intentional or inadvertent access or destruction in accordance with company policies and external requirements such as HIPAA, DHCS, OIG and other relevant regulatory requirements. This role is responsible for the creation, maintenance and oversight of the enterprise-wide security program style="box-sizing: border-box;" style="box-sizing: border-box;" Position Responsibilities style="box-sizing: border-box;" -Performs vulnerability assessments and penetration tests of technology platforms and provides internal customers with recommendations and analysis of key risks, metrics, and remediation plans. style="box-sizing: border-box;" -Conducts security audits and performs risk assessment of internal systems and facilities against established standards in order to engage in threat modeling and to identify best practices and configuration standards for technology platforms. style="box-sizing: border-box;" -Works and confers with business and IS management to understand business and data access needs, security violations to establish action plans, determine priorities and provide project oversight as needed. style="box-sizing: border-box;" -Directs and leads project teams in response to vulnerability alerts and ensures application, system, and network compliance with vulnerability mitigation requirements as well as the implementation of security measures to meet corporate security policies and external regulations (e.g., HIPAA and OIG). style="box-sizing: border-box;" -Utilizes formal and informal written communication methods (e.g., emails, newsletters, PowerPoint presentations, executive updates, task lists, updates) to communicate updates and findings; and facilitates project meetings and presentations to all types of diverse audiences (e.g., senior management, customers, technical staff). style="box-sizing: border-box;" -Documents computer security and emergency measures policies, procedures, and trains users and promotes enterprise wide security awareness to ensure system security and to improve business efficiency. style="box-sizing: border-box;" -Monitors use of data files and regulates access to safeguard information in computer files. style="box-sizing: border-box;" style="box-sizing: border-box;" -Develops security plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure and to meet emergency BCP/DR needs; works with staff and outside vendors as needed to create and implement plans. style="box-sizing: border-box;" -Evaluates information to determine compliance with standards - uses relevant information and individual judgment to determine whether events, processes, and new security technology complies with laws, regulations, or standards; weighs business needs against security concerns. style="box-sizing: border-box;" -Heads up efforts for all internal and external audit remediation efforts/activities as it relates to security. style="box-sizing: border-box;" -Other projects and duties as assigned. style="box-sizing: border-box;" style="box-sizing: border-box;" Possess the Ability To: style="box-sizing: border-box;" -Maintain expert level knowledge of the tools and processes required by the role and serve as a technical lead in your area of expertise. style="box-sizing: border-box;" -Function well in large-scale, complex, cross-functional/platform environments. style="box-sizing: border-box;" -Maintain strong individual performance and research with advanced analytical and critical thinking skills while also sharing knowledge, coaching, and mentoring others. style="box-sizing: border-box;" -Communicate clearly and concisely, both verbally and in writing, including utilizing excellent interpersonal and customer service skills. style="box-sizing: border-box;" -Make judgment calls in the presence of competing priorities and incomplete data. style="box-sizing: border-box;" -Maintain the highest levels of trust, reliability, and dependability, considering the extremely sensitive and confidential nature of the investigative work involved in this role. style="box-sizing: border-box;" -Utilize and access computer and appropriate software (e.g. Microsoft Office; Word, Excel, PowerPoint) and job-specific systems to produce correspondence, charts, spreadsheets, and/or other information applicable to the position assignment. style="box-sizing: border-box;" style="box-sizing: border-box;" Experience & Education: style="box-sizing: border-box;" -Bachelor's degree in Management Information Systems, Computer Science, Engineering, and/or equivalent work experience is required. style="box-sizing: border-box;" -Advanced Security Certifications is needed upon/after hire. Acceptable security certifications include: CISSP, CISA, CISM, HCISPP, CRISC. style="box-sizing: border-box;" -5 Years of Information Technology / Security experience is required. style="box-sizing: border-box;" style="box-sizing: border-box;" style="box-sizing: border-box;" style="box-sizing: border-box;" style="box-sizing: border-box;" Knowledge of: style="box-sizing: border-box;" -Windows Server administration. style="box-sizing: border-box;" -Microsoft Exchange. style="box-sizing: border-box;" -Active Directory and Group Policy. style="box-sizing: border-box;" -SQL Server Administration. style="box-sizing: border-box;" -Switching, routing, VLANs, firewalls, IPS, Endpoint Protection, MDM, DLP, web filtering, load balancer, O365, and basic scripting. style="box-sizing: border-box;" -Security Framework: HITRUST, NIST, CIS, ISO27001 and strong technical and analytical skills, particularly within information security. style="box-sizing: border-box;" style="box-sizing: border-box;" style="box-sizing: border-box;" CalOptima provides an excellent benefits package including retirement benefits, PTO, 10 Holidays, 9/80 schedule and much more. style="box-sizing: border-box;" style="box-sizing: border-box;" Grade O: style="box-sizing: border-box;" Minimum: $82,576 style="box-sizing: border-box;" Midpoint: $107,328 style="box-sizing: border-box;" Maximum: $131,976 style="box-sizing: border-box;" style="box-sizing: border-box;" Please apply online at: www.caloptima.org style="box-sizing: border-box;" style="box-sizing: border-box;" style="box-sizing: border-box;" style="box-sizing: border-box;" style="box-sizing: border-box;" style="box-sizing: border-box;" style="box-sizing: border-box;" style="box-sizing: border-box;" Copyright ©2017 Jobelephant.com Inc. All rights reserved. style="box-sizing: border-box;" style="box-sizing: border-box;" Posted by the FREE value-added recruitment advertising agency style="box-sizing: border-box;" style="box-sizing: border-box;" jeid-88232e486b4a6744a1372bceab9b404c