Information Security Analyst

Summary

Join EnableComp as an Information Security Analyst and contribute to the daily operations of our security program. You will provide technical expertise in information security, collaborating with the security team and other departments to ensure secure system design, development, deployment, and management. Lead departmental KPI activities, roadmap tracking, and manage third-party security assessments and client compliance requests. This role involves managing quarterly security program activities, researching security products, and staying updated on emerging cyber threats. You will analyze internal security systems, plan security training, and ensure operational security mechanisms are in place. EnableComp offers a dynamic environment and opportunities for professional growth.

Requirements

• Bachelor’s degree in Computer Science, IT, Business or equivalent work or educational experience
• Security related certifications: S+, CEH, Azure, etc
• Must have strong computer proficiency and understand how to use basic office applications, including MS Office (Word, Excel, and Outlook)
• Regular and predictable attendance
• Practices and adheres to EnableComp’s Core Values, Vision and Mission

Responsibilities

• Analyze internal security systems and security related controls to help ensure annual audit compliance, healthcare regulation adherence and corporate ethical standards
• Assist in the planning and deployment of ongoing security training and education efforts for employees across the organization
• Liaise with other departmental personnel to ensure that all operational security mechanisms are in place and functioning per compliance controls
• Assists with developing work plans, roadmaps, meeting schedules, agendas, and other related security project management activities including scheduling meetings, outlining phases, documenting meeting notes, and follow-up activities
• Help streamline, track, and administer the daily, monthly, quarterly, and annual security compliance related tasks and compliance controls
• Perform quarterly access review procedures ensuring reviews are conducted, reporting data is collected and stored properly, and any anomalies are identified and properly addressed for remediation
• Help to lead, manage, and document the third-party vendor procedures and well as answering client requested security questionnaires
• Learn current audit procedures and assist in the collection and oversight of control evidence
• Review real-time and historical reports for security and/or compliance violations
• Monitor online security-related resources for new and emerging cyber threats
• Help to support and enforce physical security requirements
• Help to identify and implement security related improvements
• Other additional duties as assigned

Preferred Qualifications

• 1-2 years of IT security and compliance-related experience preferred
• Previous experience within the healthcare industry a plus
• Working experience with the following technology vendors and products: Microsoft Azure cloud, Microsoft O365, Cortex, Qualys, DUO 2FA
• Previous experience in IT systems and networking
• Experience managing servers, particularly virtualized environments
• Ability to work well with team members to produce results
• Excellent communication skills, utilized to collaborate both within IT and across all functions of the company to drive IT security initiatives
• Excellent mentoring and coaching skills to assist in training staff on security directives
• Design computer security architecture and develop detailed cyber security designs
• Prepare and document standard operating procedures and protocols
• Problem solving skills and ability to work under pressure
• Advises senior management by identifying critical security issues; recommending risk-reduction solutions
• Solid understanding of HIPAA and applicable compliance frameworks (SOC2, HITRUST)
• Strong project management and technical troubleshooting ability
• Strong writing\documentation skills necessary
• Ability to articulate security-related concepts to a broad range of technical and non-technical staff
• Ability to work on larger projects as well as balance day to day requirements