Security Analyst

Location: Moorhead, Minnesota
The IT Security Analyst supports the Information Security department's goals and objectives by performing multiple technical or functional roles. Information Security's goals and objectives are to develop information, computer, network, product, application and related business security policies, and mandate minimum security standards; facilitate or implement tasks or processes in support of security policies and standards; and assess compliance with such Security policies. The security professional will actively promote awareness of these Security Policies and related security topics throughout the organization. Additionally, the security professional will act as a subject matter expert for the CISO and perform governance, risk management and compliance (GRC) as required. 

Primary Responsibilities:
  • Tracking information security risks and identifies information security and vulnerabilities and facilitates required remediation activities. 
  • Performs risk and security impact analysis to address compliance with applicable laws, regulations, requirements and to effect positive financial security investments 
  • Monitors networks and configures firewalls & data encryption programs
  • Conducts pen testing to seek system vulnerability in cases of attack
  • Coordinates and conducts internal security audits to ensure the effectiveness of security parameters 
  • Ensures the confidentiality, integrity and availability of current information systems and that ongoing investments are made in a way that appropriately utilizes resources to protect data (HIPAA/HITECH/PCI/PII, etc.) 
  • Assists in creation of the overall IT security strategy and disaster recovery plan
  • Implements approved service requests according to standard procedures 
  • Manages information security incidents and problems to agreed service levels 
  • Monitors KPI's on a continuous basis to ensure information security controls meet business needs 
  • Develops awareness training and presents to teams and departmental leaders 
Required Qualifications:
  • Relevant Bachelor’s degree, certifications, and/or work experience equivalent
  • 4+ years of IT Security experience
  • 1+ years of healthcare/insurance experience
  • Thorough knowledge and/or experience with, ISO 27001/2, HIPAA and HITRUST frameworks
  • Applicants with any of the following certifications will be strongly preferred: CISSP, CRISC, CISA, CHSP, HCISSP, GSEC, CEH, Security+, CAP, SSCP
  • Knowledge and/or experience with health insurance
  • Strong organizational, analytical, and critical thinking skills with the ability to manage and prioritize multiple responsibilities and deadlines
  • Work independently with general direction from leadership; self-motivated
this job portal is powered by CATS