Information Security Analyst

RES Servicing Corp • Kew Gardens, New York, United States • 4w ago

Position Overview: The Information Security Analyst plays a crucial role in safeguarding an organization's sensitive data, systems, and networks from potential cyber threats and attacks. This role involves monitoring, analyzing, and responding to security incidents, as well as implementing proactive measures to mitigate risks and ensure compliance with industry standards and HIPAA/HITECH regulations.

Responsibilities:

Monitoring and Incident Response:
- Monitor network traffic, system logs, and security alerts to identify and investigate potential security incidents.
- Analyze and respond to security breaches, malware infections, and other cyber threats promptly.
- Collaborate with cross-functional teams to contain and mitigate security incidents effectively.
Vulnerability Assessment and Management:
- Conduct regular vulnerability assessments to identify weaknesses in the organization's systems, networks, and applications.
- Implement patches and updates to address vulnerabilities, ensuring systems are up to date and secure.
Security Policies and Procedures:
- Develop and maintain information security policies, standards, and procedures.
- Educate employees on security best practices and ensure adherence to established security policies.
Security Audits and Compliance:
- Participate in internal and external security audits, ensuring compliance with regulatory requirements and industry standards.
- Prepare and provide documentation for audit purposes.
Security Tools and Technologies:
- Manage and maintain security tools such as firewalls, intrusion detection systems, anti-virus software, and encryption technologies.
- Research and recommend new security technologies and solutions to enhance the organization's security posture.
Threat Intelligence:
- Stay current with emerging threats, vulnerabilities, and security trends.
- Utilize threat intelligence sources to proactively identify and mitigate potential risks.
Incident Documentation and Reporting:
- Document incident details, analysis, and response actions in a clear and organized manner.
- Provide regular and ad-hoc security reports to management, highlighting key findings and recommendations.
Security Awareness and Training:
- Organize security training and awareness programs for employees to promote a culture of security consciousness.