Information Security Analyst - Information Technology

560 Delaware Ave, Buffalo, NY 14202, USA

Req #354

Monday, April 29, 2024

Why Work for Person Centered Services?

When you join the Person Centered Services team, you can make a difference in the lives of people with intellectual and developmental disabilities, while also reaching your own career goals:

• 20 Days of paid time off (PTO) in your first year! Increasing to 25 Days in your second year!

• 13 Paid Holidays

• Comprehensive health insurance plans for you to choose what best fits your needs (Medical, Dental & Vision)

• 401(k) - the Company matches 50% of the first 6% up to a maximum of 3%

• Company paid benefits: basic life insurance, long-term disability, and a Lifestyle Spending Account with a benefit of up to $500 set aside for employees to spend on wellness eligible expenses!

• Employee Discount and Wellness Programs - Currently providing 3 paid hours per week for exercise, volunteering or personal wellness!

• Professional development opportunities including mentorship program options and ongoing coaching

Position Summary

The IT Information Security Analyst at Person Centered Services is a pivotal contributor in delivering comprehensive information security expertise. This role entails engaging with innovative security tools to guarantee comprehensive protection, streamline troubleshooting, ensure thorough auditing, and uphold and uphold stringent documentation standards for all security and compliance protocols.

The analyst is instrumental in bolstering the organization's technological framework, ensuring a computing environment that is not only secure and dependable but also adheres to compliance standards

Position Responsibilities

• Safeguard data and information systems from unauthorized access, alterations, or destruction while ensuring the confidentiality, integrity, and availability of company and partner information assets.

• Comprehend and adhere to the critical practice of protecting sensitive health information in accordance with New York State.

• Collaborate with IT Operations to implement and maintain information security systems as directed by leadership, ensuring a fortified defense against digital threats.

• Perform comprehensive assessments of the security landscape to detect and address vulnerabilities, fortifying the organization's cyber resilience across all platforms.

• Maintain comprehensive standards for intrusion detection and data loss prevention, reinforcing a proactive security stance within the organization.

• Provide expert-level information security incident response and investigative support, mitigating risks and enhancing system security.

• Review and monitor sign-in and activity logs diligently, identifying and addressing anomalies to maintain system integrity.

• Secure company data during transit and at rest, employing advanced encryption and security measures to prevent unauthorized access.

• Review permissions for enterprise information resources, ensuring strict adherence to access control policies.

• Create and disseminate security awareness training materials, fostering a culture of security mindfulness and preparedness across the organization.

• Establish industry-compliant best practices, aligning with regulatory requirements and setting the standard for information security excellence.

• Security Awareness: Conduct security awareness campaigns to educate team members, enhancing organizational resilience against social engineering.

• Provide expert-level information security incident response, investigative support, and end-user security assistance, ensuring a comprehensive security framework and user education.

• Engage in comprehensive, detailed investigations, adeptly conducting interviews and posing critical questions that contribute to the determination and resolution of cases, ensuring a well-rounded and effective investigative process.

Knowledge, Skills, and Abilities

• Proficiency in Information Security standards and best practices, ensuring adherence to the highest industry benchmarks.

• Comprehensive knowledge of Information Security tools and processes, enabling effective security management and response.

• In-depth understanding of regulatory compliance and controls, including HIPAA, NIST (National Institute of Standards and Technology) 800-53, HITECH, and MCD, to maintain legal and ethical standards.

• Expertise in securing cloud-based solutions such as Microsoft Azure, and other cloud platforms, safeguarding digital assets in the cloud.

• Capability to conduct thorough assessments of risk, threats, and vulnerabilities, identifying potential security breaches before they occur.

• Self-motivation and a results-focused approach, driving initiatives to successful and timely completions.

• Critical thinking and decision-making skills, enabling swift and effective resolution of complex security challenges.

• Excellent communication skills, both written and verbal, facilitating clear and concise security directives and collaboration.

• Systematic documentation and organizational skills for management oversight and review, ensuring precision and orderliness in record-keeping and operational processes.

• Ability to develop and conduct training sessions on IT security best practices, enhancing the security competence of the organization.

• Demonstrate the ability to conduct in-depth security research and leverage that knowledge to integrate innovative tools and practices, significantly enhancing the organization's security posture. This entails keeping pace with the latest security advancements and translating those insights into strategic, actionable enhancements that bolster the organization's defenses.

• Possess the ability to author informative posts that keep the organization informed of the latest security updates, threats, and trends, contributing to a heightened awareness and proactive security culture.

• Compile concise reports highlighting the security team's metrics for management, highlighting operational efficiency and resource utilization, while ensuring

Position Requirements

• Bachelor's degree in information technology or Cybersecurity, or a recognized certification in an Information Security discipline required

• Minimum of three years' experience in IT or information/cybersecurity, with a solid foundation in Microsoft 365 and cloud computing environments. preferred

• Familiarity with NIST 800-53 control framework preferred

• Some healthcare or human service experience preferred

View Full Job Description (https://personcenteredservices.com/wp-content/uploads/2024/04/Information-Security-Analyst-FinalApproved-April2024.pdf)

Person Centered Services has a commitment to equal employment opportunity for all staff and applicants for employment. Employment decisions including, but not limited to, those such as staff selection, performance evaluation, administration of benefits, working conditions, staff programs, transfers, position changes, training, disciplinary action, compensation, and separations are made without regard to race, color, religion (including religious dress and grooming), creed, national origin, nationality, citizenship status, domestic partnership status, ancestry, gender, affectional or sexual orientation, gender identity or expression, marital status, civil union status, family status, age, mental or physical disability (including AIDS or HIV-related status), atypical hereditary cellular or blood trait of an individual, genetic information or refusal to submit to a genetic test or make available the results of a genetic test, military status, veteran status, or any other characteristic protected by applicable federal, state, or local laws.

Other details

• Pay Type Salary

• Min Hiring Rate $59,000.00

• Max Hiring Rate $69,000.00

Apply Now

• 560 Delaware Ave, Buffalo, NY 14202, USA