Information Security Analyst II
Imagine a workplace that encourages you to interpret, innovate and inspire. Our employees do just that by helping healthcare payers manage the cost of care, improve competitiveness and inspire positive change. You can be part of an established company with a 40-year legacy that helps our customers thrive by interpreting our client's needs and tailoring innovative healthcare cost management solutions.
Our commitment to diversity, inclusion and belonging are part of the fabric of our company. We strive to create a workplace that fosters mutual respect and collaboration, where every talented individual can participate and perform their best work. We are MultiPlan and we are where bright people come to shine!
Please note: Our offices are currently closed due to the pandemic. If offered the position you would start by working from your home. However, when we fully reopen later this year this would transition to working from either our Naperville, IL, Bedford, MA, Irving, TX or New York City offices.
This role protects the organization's computers, networks, and data against internal and external threats while ensuring continual confidentiality, integrity and availability of organizational assets. The incumbent will continually monitor the organization's security operations, incident response efforts leveraging offensive and defensive tool sets while ensuring compliance with all relevant internal control processes and related security and privacy laws and regulations.
JOB ROLES AND RESPONSIBILITIES:
1. Act as key participant in the monitoring of security infrastructure, appropriate network usage and systems availability to ensure secure user access.
2. Provide support and troubleshooting for security event monitoring for all corporate systems where appropriate through a SIEM solution.
3. Use security event logs, intrusion detections, and other automated tools to assess and address event identification, event correlation, event escalation and event triage as related to the cyber security and IT infrastructure of the Company.
4. Collaborate amongst risk management and other technical groups to lead design, development and implementation of information security and risk management policies, standard operating procedures, standards and best practices that fully satisfy established goals while remaining in line with organizational initiatives.
5. Participate in the development and maintenance of relationships amongst various business functions including but not limited to internal audit, client account management and third party auditors. Participate in the audit and review of assigned business processes to evaluate adequacy of controls within IT. Utilize audit findings to make appropriate recommendations for the correction of weaknesses within processes and procedures that support the continual improvement in operational procedures.
6. Monitor, triage, and provide a solution for the requests that are submitted through the call tracking solution for the security team.
7. Act as a participant in the planning and implementation of security measures to protect computer systems, networks and data.
8. Collaborate, coordinate, and communicate across disciplines and departments.
9. Ensure compliance with HIPAA, HITRUST, SOX, SOC1/2 regulations and requirements.
10. Demonstrate Company's Core Competencies and values held within.
11. Please note -- this role is considered to be a High Risk Role.
12. The position responsibilities outlined above are in no way to be construed as all encompassing. Other duties, responsibilities, and qualifications may be required and/or assigned as necessary.
The incumbent works independently and exercises significant discretion and independent judgment with minimal supervision. The incumbent provides input for critical business decisions. The incumbent provides the leadership, management, and vision necessary to achieve strategic business and technology objectives and works closely with the IT Organizations, the Company Business Units, and key stakeholders to identify and maximize opportunities to improve security, controls, and business processes.