Information Security Analyst
PacificSource

Looking for a way to make an impact and help people?

Join PacificSource and help our members access quality, affordable care!

PacificSource is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to status as a protected veteran or a qualified individual with a disability, or other protected status, such as race, religion, color, national origin, sex, sexual orientation, gender identity or age.

Diversity and Inclusion: PacificSource values the diversity of the people we hire and serve. We are committed to creating a diverse environment and fostering a workplace in which individual differences are appreciated, respected and responded to in ways that fully develop and utilize each person's talents and strengths.

The Information Security Analyst I is responsible for supporting PacificSource's efforts to protect its information systems and data from unauthorized access, misuse, and threats. The Analyst will monitor and respond to security incidents, conduct vulnerability assessments, coordinate security awareness programs, support audits and assessments, and support the implementation and management of security controls. This role is critical in maintaining the security posture of PacificSource and ensuring compliance with relevant security policies and regulations.

Essential Responsibilities:

• Ensure security operations adequately meet the business needs and evolving threat environment.
• Identify, investigate, and respond to security incidents, coordinating appropriate resources and communicating appropriately with stakeholders.
• Create, maintain, and train stakeholders on security incident response.
• Mature the Information Security Program through contributions around improving security operations, security controls, response plans, and security awareness.
• Audit security controls and validate efficacy of existing controls.
• Remain up to date with current attack methods and characteristics to identify threats and advise on prevention, mitigation, and remediation.
• Assist in designing, implementing, and maintaining technical security programs including threat and vulnerability management, security event monitoring and response programs.
• Contribute to the continuous improvement the security culture and posture of PacificSource.
• Actively collaborate with other departments acting in a consultative capacity promoting a strong security culture.
• Remain current on industry best practices, the threat environment, and understanding how emerging threats may potentially impact the organization.

Supporting Responsibilities:

• Meet department and company performance and attendance expectations.
• Follow the PacificSource privacy policy and HIPAA laws and regulations concerning confidentiality and security of protected health information.
• Perform other duties as assigned.

Work Experience: Minimum of 6 months of experience in information security or related IT field required.

Education, Certificates, Licenses: Associate's degree in Computer Science, Information Security, or related field (or equivalent experience) required. Relevant IT security certifications or accreditations (e.g. CompTIA Security+, Network+, Cisco Certified Network Associate (CCNA), GIAC Information Security Fundamentals (GISF), GIAC Security Essentials (GSEC), ISC2 Associate) are preferred.

Knowledge: Experience in some of following areas: security operations, insider threat programs, incident response, vulnerability and patch management, Data Loss Prevention (DLP) systems, Endpoint Detection and Response and similar security technologies, Security Information and Event Management (SIEM) technologies and Indicators of Compromise (IoC), Phishing Awareness Programs, information security knowledge to include best practices, Advanced Persistent Threats (ATP) and the current threat landscape. Knowledge of system administration on Windows, UNIX or Linux is preferred. Familiar with network architecture and technologies. Information security experience with HIPAA, HITECH, HITRUST, and PCI are a plus.

Competencies

Adaptability

Building Customer Loyalty

Building Strategic Work Relationships

Building Trust

Continuous Improvement

Contributing to Team Success

Planning and Organizing

Work Standards

Environment: Work inside in a general office setting with ergonomically configured equipment. Travel is required approximately 5% of the time.

Skills:
Accountability, Collaboration, Communication (written/verbal), Flexibility, Listening (active), Organizational skills/Planning and Organization, Problem Solving, Teamwork

Our Values

We live and breathe our values. In fact, our culture is driven by these seven core values which guide us in how we do business:

• We are committed to doing the right thing.
• We are one team working toward a common goal.
• We are each responsible for customer service.
• We practice open communication at all levels of the company to foster individual, team and company growth.
• We actively participate in efforts to improve our many communities-internally and externally.
• We actively work to advance social justice, equity, diversity and inclusion in our workplace, the healthcare system and community.
• We encourage creativity, innovation, and the pursuit of excellence.

Physical Requirements: Stoop and bend. Sit and/or stand for extended periods of time while performing core job functions. Repetitive motions to include typing, sorting and filing. Light lifting and carrying of files and business materials. Ability to read and comprehend both written and spoken English. Communicate clearly and effectively.

Disclaimer: This job description indicates the general nature and level of work performed by employees within this position and is subject to change. It is not designed to contain or be interpreted as a comprehensive list of all duties, responsibilities, and qualifications required of employees assigned to this position. Employment remains AT-WILL at all times.

---