Security Analyst Associate - Full time, Days

Job Description

The

• Help in alerts investigation generated by security controls. Implement provided recommendations to improve detection capability accuracy.
• Participate in the optimization of incident response standards and procedure to increase the organization’s cyber resiliency.
• Analyze the enterprise information security environment and identify potential gaps in the security measures to safeguard valuable information assets.
• Help identify, evaluate, and report on information security risks.
• Collaborate with vendors and internal departments to recommendations to optimize performance of security controls.
• Collaborate with network and technology support team to enhance and improve security processes and documentation.
• Participe in the evaluation and assessment of information security vulnerabilities, solutions, and organizational posture.
• Stays current with security technologies and threats in order to contextualize the events observed in the environment.
• Assist in providing initial assessment of impact severity for IT security incidents and executing the appropriate response.
• Investigates any fraud and other computer issues.
• Perform daily operational tasks required for the department to protect NM’s assets. Tasks range from (but are not limited to):
  • Analyze security alerts
  • Maintain endpoint protection infrastructure
  • Facilitate risk evaluation related to vulnerability assessment findings and coordinate risk treatment

AA/EOE.

Qualifications

• Bachelor’s degree preferred or equivalent combination of education and experience
• Working knowledge of the following subjects:
  • Network (protocols, topologies…)
  • Security controls (proxies, IPS, IDS, Firewall and packet analyzers)
  • Systems (Windows, Linux/UNIX)
  • Software development (development / scripting langages)
  • Incident Response
  • Threat and Vulnerability Management
• Working knowledge of Security Standards/Controls specified under various IT governance and compliance models (NIST, HIPAA, PCI, ISO 27001&27002, ITIL).
• Excellent problem solving skills
• Demonstrated timely task completion involving solid organizational skills, task tracking, follow-up, and productive peer interaction.
• Excellent verbal and written communication skills.

• Certification or courses: Security+, GSEC, GCWN, GCED or CEH a plus.

#LI-RW1

Additional Information

Northwestern Medicine is an affirmative action/equal opportunity employer and does not discriminate in hiring or employment on the basis of age, sex, race, color, religion, national origin, gender identity, veteran status, disability, sexual orientation or any other protected status.