IT Security Analyst - IT
The Security Analyst position is primarily responsible for actively monitoring security threats and risks involving Heartland Dental assets. The Security Analyst will utilize both proprietary and third-party applications to perform analysis. Responsibilities include review of security reports and alerts generated by the security monitoring systems. This position will be tier1 support for Heartland security systems and escalate issues to the security engineer team for review. Additionally, this role will assist with internal and external security audits.
Heartland Dental proudly supports 1,600+ dental offices and more than 20,000 team members across the country. We are hard-working, fun-loving, and fast-growing - looking for our next perfect fit!
To give you an idea of the team structure, you will work on a team of Security Analysts and Security Engineers reporting to the Director of Information Security.
Below is an overview of the duties and responsibilities you would take on in this role:
- Minimize risk of cyber-attacks and focus on detection and response to threats
- Monitor endpoint protection software and remediate security related threats
- Analyze network traffic, intrusion attempts, activity logs, and system alerts for trends, anomalies, and potential security incidents.
- Configuration, implementation, and testing of various security systems and technologies; open source and commercial
- Perform routine vulnerability scan reviews to mitigate risks and vulnerabilities
- Conduct internal security assessments through penetration testing and risk analysis
- Perform assessments of third-party service providers to identify potential security and privacy risks
- Enhance cybersecurity awareness by promoting employee education, managing phishing simulation campaigns, and communicating best practices.
- Work with the Information Security team to develop and maintain Information Security presentations and dashboards designed to inform senior management of ongoing projects and objectives.
- Troubleshoot user security incident related issues.
- Ensure authorized access by investigating improper access, revoking access, reporting violations, monitoring information requests, and recommending improvements
- Assist with Incident Response and Forensics investigations.
- Provide technical support in the evaluation, implementation and maintenance of Heartland’s information security technologies, standards, and processes
- Maintain mitigation lists to track progress on identified security issues
- Maintain knowledge of latest cyber threats and industry best practices
- Perform other such duties as assigned from time to time.
- Completion of one of the following:
- Five years of Security Analyst experience, preferably in a Healthcare setting
- Associate degree and not less than one year of Security Analyst experience, preferably in a Healthcare setting
- Bachelor’s Degree in Information Technology, Computer Science, or related field
- General knowledge of Information Security principles (e.g., CIA architecture, least privileges, need to know, access controls and others)
- General knowledge of Network security concepts & Information Security best practices
- Knowledge of Windows workstation/server and Linux operating systems
- Understanding of modern technical security controls (i.e., firewalls, SIEMS, IDS, IPS, HIPS, EDR)
- Working knowledge of Windows Active Directory
- Basic knowledge of networking and application protocols such as HTTP, TCP/IP, DNS, DHCP, ICMP, SMTP, etc.
- In-depth understanding of Endpoint Protection solutions including Antivirus, Application Whitelisting, HIPS
- Basic knowledge of network scanners such as Nessus, Metasploit, Nmap, or InsightVM
- Understand how to identify, exploit, and remediate common vulnerabilities through use of tools
- Strong communications skills, both written and oral. Documentation ability is necessary
- Knowledge of Information Security standards, rules and regulations, and system security principles for risk identification and analysis
- Knowledge of scripting languages and how to automate tasks
- Self-managed and team oriented
- Strong analytical and problem-solving skills
- One or more of the following Sec+, Net+, CEH, GIAC, or other security certifications.
- Three years or more experience working in a Security Operations Center or Network Operations Center
- Two years or more experience working with Information Technology automation solutions including, but not limited to PowerShell, Python, Bash, and Shell.
- SSCP, CEH, GIAC, or other security certifications.
- Experience attending CTFs
- Ability to perform essential duties satisfactorily with or without reasonable accommodation.
- Reasonable accommodations may be made to enable individuals with disabilities to perform the essential duties of the position
- Prolonged periods sitting at a desk and working on a computer
- Must be able to lift up to 15 pounds at times
- Minimal travel required but would need to be able to travel for trainings and conferences as needed
Continuing education and growth are important to us at Heartland Dental, and we will help you grow your skills towards the goal you have in mind. We can offer the following
- Training to develop your current skill set or learn something new
- Attending conferences (as an attendee or speaker)
- Attending remote/on-site CTFs with the security team
- Information security certifications
We put our people first at Heartland Dental, and that shows in our generous benefits package.
Company retains the sole discretion to change the duties of the position at any time.
We provide all employees and applicants for employment the protections of federal, state, and local laws affording equal opportunity in employment.