We truly believe that the success of our business depends on our employees.

We offer excellent opportunities for individuals seeking to strive and flourish in the research and consultancy industry, focusing on their professional as well as personal development. Our distinctive environment offers careers that are exciting, challenging and rewarding. We encourage our people to learn, experiment and grow - for both their own personal benefit and the company’s.

Role Summary

The Security Analyst is responsible for the overall security of the organization. The individual in this position will oversee the direct planning and implementation of information-security solutions in support of business objectives. The individual should be adept at developing effective security policies and procedures, project documentation and milestones, and technical/business specifications. The ideal candidate will serve as the subject-matter expert in such areas as network and application monitoring, vulnerability management, incident response and regulation compliance.  

 

What will you be engaged in day-to-day?

·         Work with the Infrastructure and Security team.

·         Researching, evaluating, designing, testing, recommending, communicating, and implementing new security software or devices.

·         Developing security systems in accordance with National Institute of Standards and Technology (NIST) recommendations.

·         Fine-tuning and managing the company’s security information and event management (SIEM) tools.

·         Developing security documentation, specifically System Security Plan (SSP), Risk Assessment (RA), Plans of Action and Milestones (POAM), Continuity of Operations Plan (COOP), etc.

·         Conducting and leading Certification and Accreditation (C&A) efforts. 

·         Developing system documentation for government certification and accreditation processes.

·         Configuring, testing, and maintaining LAN/WAN equipment and related services, including switches, firewalls, Cisco routers, and IDS/IPS devices. 

·         Identifying, diagnosing, and resolving network problems. Providing oversight and guidance to IT support and the engineering team.

·         Creating and maintaining comprehensive documentation for implemented solutions.

·         Conducting internal vulnerability and penetration testing to identify and rectify weaknesses in the design. Safeguarding the network against unauthorized modification, destruction, or disclosure.

·         Performing other duties as assigned.

 

 What qualifications will help you succeed?

  • B.S. or M.S. degree in information systems, computer science or cybersecurity.
  • Hands-on experience monitoring, configuring and managing security information and event management (SIEM) tools.
  • Familiarity with regulatory standards based on NIST 800 series Special Publications
  • Experience monitoring and enhancing a multi-tiered security infrastructure.
  • Experience reviewing and implementing security policies and procedures, as well as experience conducting security assessments using commercial and open-source host-scanning tools, network-scanning tools, and web and database vulnerability assessment tools. 
  • Experience with large server deployments and highly available production environments. 
  • Experience with data center buildouts, upgrades, and migration.
  • Expert knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP) and network architecture.  
  • Security-related certifications (CISSP, CISA, GIAC, etc.) desired. 
  • Experience working in the health care IT government arena with all security compliance and infrastructure aspects of the design, development, and subsequent implementation preferred.