Information Security Analyst

closed
Vytalize Health Logo

Vytalize Health

πŸ“Remote - Worldwide

Summary

Join Vytalize Health, a leading value-based care platform, as an Information Security Analyst and play a critical role in protecting the company from adverse events and developing incident response capabilities.

Responsibilities

  • Assess risks
  • Identify control weakness
  • Conduct access reviews for the technology ecosystem
  • Conduct awareness and training in accordance with the awareness and training program
  • Monitor vulnerability and software patching processes
  • Assist with incident response and disaster recovery planning and exercises
  • Assist in the development, maintenance, and test of the incident response plans to effectively address and mitigate security breaches or compliance violations
  • Assist in the test of the business continuity plans and disaster recovery plan to effectively sustain business process and to effectively restore the operability of a system, application, or infrastructure during and after a cyber incident disruption
  • Coordinating and leading efforts to detect, analyze, and respond to security incidents and breaches
  • Conduct both logical and physical access reviews for all information systems and physical security systems to identify non-compliance with the information security policies
  • Summarize the access review and submit tickets for any corrective actions
  • Monitor and track tickets to ensure timely completion
  • Develop identity and access management procedures for the all the information systems and physical security systems to provide consistent processes
  • Maintain the cyber security risk register with the risks, risk ratings, risk mitigation strategies and action plans
  • Prepare and distribute regular reports to management and stakeholders summarizing risk assessments, compliance status, risk treatments plans, and recommendations for improvement
  • Assist with data gathering and coordination with the various teams for audits and risk assessments
  • Regularly test the controls implemented to identify controls weaknesses or modifications
  • Conduct regular simulated phishing exercises to educate and detect malicious emails and other malicious events
  • Schedule and conduct training to educate workforce members regarding cyber security best practices, regulatory compliance and other cyber security requirements
  • Monitor the training campaigns to demonstrate the effectiveness of the training program and improve phishing detection and response
  • Monitor remediation of the vulnerability assessment findings, including penetration test, application security test, and internal and external vulnerability scans
  • Communication vulnerability assessment remediation and risks with IT and information security team members
  • Collaborate with cross-functional teams
  • Communicate security risks, issues, and recommendations to senior management and stakeholders, advocating for investments in cybersecurity and risk mitigation initiatives
This job is filled or no longer available