The Cybersecurity Analyst Senior is a general cybersecurity subject matter expert that has attained additional in-depth IT and security expertise in specific technologies and/or subject areas. Accountable for implementation of cybersecurity strategy under the direction of the Cybersecurity Manager. Proactively analyzes and anticipates changes in the cyber-threat landscape and actively participates in the design of effective countermeasures. Participates on cross-functional, multi-departmental teams to implement security-in-design solutions that effectively prevent, detect and respond to threat in Geisinger Health System’s (GHS) computing environment. Performs risk assessment and management activities in regard to technology, process, and applications. Required to continue developing specialized cybersecurity expertise to remain current in field. Demonstrates a passion for Information Technology and Security and willingness to share knowledge with other team members. Contributes to a culture of security-by-design for technology initiatives.
COMPETENCIES AND SKILLS:
Demonstrates a thorough understanding of the current threat landscape and the ability to predict landscape changes as well as adjust operational approaches accordingly.
Demonstrates expertise in security data analytics and ability to identify indicators of compromise.
Communicates meaningful and thoughtful information regarding all aspects of the security operation’s function and supports ISO leadership to resolve security related issues.
Demonstrates ability to negotiate and gain consensus, offer creative ideas, and complete assignments.
Demonstrates an ability to resolve conflicts in a productive and professional way. Ability to bring passion, motivation and drive. Lead by example and mentor other staff members.
Project management skills with an emphasis on implementation planning and execution. Demonstrated ability to lead multiple project efforts at one time.
Technical skills should include a conceptual understanding with hands-on configuration and troubleshooting experience with two or more of the following: Operating Systems, Wireless Technologies, Encryption technologies, Intrusion Detection, Firewalls, Active Directory, Routers/Switches, Anti-Virus, Mobile devices, Web Applications, HTTP(s), Identity and Access Management (IAM), provisioning, role management, access management.
Demonstrates high quality writing and verbal skills, and presentation skills to present thoughts, ideas, project plans, status updates. Ability to develop business cases for investment with management presentation skills.
Understands and applies technology standards methodologies and frameworks such as NIST, ITIL, and ISO.
Demonstrates capability and evidence of being self-motivated, proactively initiate projects and activities. Interact with peers, physicians and other healthcare professionals to provide solutions for reducing cyber-risk within the business environment
Demonstrates ability for critical thinking and problem solving.
Demonstrates passion for continuous learning and application of new technologies and/or self-initiative for acquiring security skills such as ethical hacking, penetration testing, threats, vulnerabilities, risk assessments.
Knowledgeable of HIPAA, PCI, and other regulations and how to integrate into secure architecture design.
Demonstrates understanding of risk management and the application of risk management frameworks.
Demonstrates ability to conduct complex risk assessments.
Conceptual understanding of big-data security architecture design.
EDUCATION AND EXPERIENCE:
Bachelor’s Degree in Information Security, Information Technology, or related field required.
Minimum of five or more years of experience required, working within a Cybersecurity function with in-depth specialized skills in two or more of the following concentrations:
Secure architecture design, including network, servers, endpoints, and application technologies.
Incident response and preparedness.
Threat hunting and security data analytics.
Vulnerability analysis and program management.
Penetration testing and program management.
Threat and intelligence gathering and application.
Digital forensics to include hardware, network and malware analysis.
Security Information and Event Monitoring design, implementation, and maintenance.
IT Risk frameworks (ISO27005, ISACA Risk IT, etc.)
Regulatory compliance (PCI, HIPAA, etc.)
Risk assessment and/or risk management
Security culture and resilience
Professional Certification in Information Security that demonstrates a specialized and in-depth understanding of a specialized field required.
In lieu of degree, may consider eleven or more years of experience in the Information Security field.
WORKING CONDITIONS/PHYSICAL DEMANDS:
Work is typically performed in an office environment with occasional travel to different buildings. Mostly sedentary work interacting with computers and people. Requires ability to perform visual inspection and lifting less than 10 pounds.
OUR PURPOSE & VALUES: Everything we do is about caring for our patients, our members, our students, our Geisinger family and our communities. KINDNESS: We strive to treat everyone as we would hope to be treated ourselves. EXCELLENCE: We treasure colleagues who humbly strive for excellence. LEARNING: We share our knowledge with the best and brightest to better prepare the caregivers for tomorrow. INNOVATION: We constantly seek new and better ways to care for our patients, our members, our community, and the nation.
ABOUT GEISINGER: Geisinger is a physician-led health system comprised of approximately 30,000 employees, including nearly 1,600 employed physicians, 13 hospital campuses, two research centers, and a 583,000-member health plan Geisinger is nationally recognized for innovative practices and quality care. Geisinger serves more than 3 million people in central, south-central and northeast Pennsylvania and also in southern New Jersey with the addition of National Malcolm Baldridge Award recipient AtlantiCare, A member of Geisinger. In 2017, the Geisinger Commonwealth School of Medicine became the newest member of the Geisinger Family.
We offer healthcare benefits for full time and part time positions from day one, including vision, dental and domestic partners. * Perhaps just as important, from senior management on down, we encourage an atmosphere of collaboration, cooperation and collegiality. For more information, visit www.geisinger.org, or connect with us on Facebook, Instagram, LinkedIn and Twitter.
** Does not qualify for J-1 waiver. We are an Affirmative Action, Equal Opportunity Employer Women and Minorities are Encouraged to Apply. All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of disability or their protected veteran status.
*Domestic partner benefits not applicable at Geisinger Holy Spirit.
At Geisinger, our innovative ideas are inspired by the communities we serve – like our Fresh Food
Farmacy, a program that delivers life-saving healthy alternatives to patients with diabetes. With additional tools like our MyCode Community Health Initiative, one of the first health system genome sequencing
programs, and our new asthma app suite that we developed in partnership with AstraZeneca, it’s no wonder we’re ranked one of the Top 5 Most Innovative Healthcare Systems by Becker's Hospital Review. We continually work towards continuous improvement in a culture where everyone has a voice and firmly believe that better begins with all of us.
Founded more than 100 years ago, Geisinger serves more than three million residents throughout central, south-central and northeastern Pennsylvania and southern New Jersey. Our physician-led system is comprised of 30,000 employees, including 1,600 employed physicians, and consists of 13 hospital campuses, the Geisinger Health Plan, Geisinger Commonwealth School of Medicine and two research centers.
What you do at Geisinger shapes the future of health and improves lives – for our patients, communities, and you.