30 Nov
Senior Security Analyst
Michigan, Ann arbor , 48105 Ann arbor USA

Vacancy expired!

Arbor Research seeks a highly skilled information security professional, eager to lead the advancement of our organization’s security policies and control specifications. This individual will work with the VP Information, members of the Network Services team, as well as others across the organization to enhance existing policies and develop new policies where necessary, design best practices and strategies to monitor compliance, and lead risk management processes. The successful candidate will demonstrate an in-depth understanding of IT security implementation and relevant Federal regulations and legislature, possess at least five years’ IT security experience along with a recognized security accreditation, and be driven to expand their skills and responsibilities towards becoming the organization’s Information System Security Officer.

Due to the ongoing COVID-19 pandemic, interviews will be conducted virtually, rather than onsite.

Arbor Research Collaborative for Health, a not-for-profit organization located in Ann Arbor, MI, is the preferred employer for professionals passionate about improving health care policy, health care delivery, and health outcomes through evidence based research. At our core, we value collaborative spirit, creativity, credibility, and dedication. Our interdisciplinary team brings together expertise from a variety of fields and disciplines to answer complex research questions by thinking across boundaries and generating innovative approaches.Bright, enthusiastic individuals thrive at Arbor Research. We provide a rich benefits package along with high quality learning and development opportunities, and a casual yet professional work environment in support of achieving a positive work/life balance. These attributes provide our dedicated employees the flexibility to work collaboratively and creatively in order to make credible contributions to the research community. Join our diverse and dynamic team today and contribute to the improvement of patient care in the future!More information about this opportunity and the benefit program at Arbor Research is available on the careers page at www.ArborResearch.org.

CHARACTERISTIC DUTIES AND RESPONSIBILITIES
  • Develop and maintain security policies and control specifications to reflect agreed upon standards, including those based on NIST 800-53, HITRUST, and others
  • Communicate policies and best practices; develop strategies to efficiently monitor compliance with policy
  • Document technical and policy controls to demonstrate compliance with these policies; work cross-functionally with internal teams to implement procedures
  • Collaborate with the Senior Information Services team to make risk-based decisions evaluating threats, vulnerabilities, and relative costs
  • Identify and arrange for external security certifications and audits; work directly with auditors and internal teams, providing guidance to ensure compliance with regulatory requirements
  • Document and investigate security events and incidents; incorporate into formal risk assessments on an ongoing basis
  • Identify and implement appropriate cyber defense tools and services to provide actionable metrics and monitoring
  • Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans
  • Evaluate developing threats and technical controls; make recommendations for implementation with appropriate consideration of cost and risk mitigation
  • Identify security related training needs & certifications for network services and all other staff members
  • Ensure responsiveness and compliance with contract-specific security requirements

CORE VALUESOur core values define who we are as an organization and serve as the foundation of our code of ethics. Arbor Research expects all employees to embody these and demonstrate them in our day-to-day work.

Collaborative SpiritWe expect each staff member to learn from and teach one another, and ask each to exhibit a curiosity and respect for the contributions of others.

CreativityWe strive to cultivate a challenging, stimulating, and supportive environment where our employees are expected to be inquisitive, take initiative, and demonstrate ingenuity.

CredibilityOur employees are smart, thoughtful, and objective in their work. We expect them to be technically solid in their area of expertise, and for those conducting research to demonstrate scientific rigor.

DedicationOur team achieves success because of our dedication to carrying out high quality work and delivering trusted results.

SUPERVISION RECEIVEDGeneral administrative supervision is received from the VP Information.

SUPERVISION EXERCISEDNo direct staff supervision. Authoritative collaboration for security functions performed by the network services team is expected.

REQUIRED QUALIFICATIONS
  • Bachelor’s degree in related field with five years’ progressively responsible IT security experience, or equivalent combination of education and experience
  • Recognized security accreditation (CPP, CISM, GISP, CISSP, etc.). Opportunities to expand current certifications may be supported as needed.
  • In-depth understanding of IT security implementation and the relevant Federal regulations and legislation, such as HITRUST and FISMA control families, HIPAA, GDPR, and SOC 2
  • Understanding of web application security risks and standards (e.g., OWASP)
  • Knowledge of risk management (assessment and mitigation) processes
  • Knowledge of computer networking concepts and protocols, and network security methodologies
  • Experience implementing security monitoring, vulnerability scanning, and penetration testing tools
  • Excellent writing and organizational skills, including understanding of policies, procedures, and requirements/specifications
  • Demonstrated performance with a very high degree of accuracy, integrity, discretion, sound judgement, accountability, and ownership

DESIRABLE QUALIFICATIONS
  • Demonstrated interest in a non-profit, mission-driven environment
  • Experience responding to audit and regulatory inquiries
  • Health care information experience, including understanding of data privacy laws
  • Exceptional understanding of security vulnerabilities, attacker exploit techniques, and methods for remediation of such

Visit https://www.arborresearch.org/Careers/Opportunities.aspx to apply. Job Applicants must submit a personalized cover letter and resume.

No Recruiters or Staffing Firms pleaseE-Verify is an Internet based system operated by the Department of Homeland Security (DHS) in partnership with the Social Security Administration (SSA) that allows participating employers to electronically verify the employment eligibility of their newly hired employees in the United States. Arbor Research Collaborative for Health participates in E-Verify to confirm that individuals offered employment are legally authorized to work in the United States.Arbor Research Collaborative for Health is an equal opportunity/affirmative action employer. All qualified applicants will receive consideration for employment without regard to race, religion, color, national origin, sex, age, sexual orientation, gender identity, status as a protected veteran, or status as a qualified individual with a disability. Arbor Research Collaborative for Health provides reasonable accommodation upon request, in accordance with State and Federal laws.

Vacancy expired!

Subscribe for new vacancies
Report job