Information Security Analyst
Location: Boston, Massachusetts US
Job Number: 1329
The Information Systems Security Analyst reports to the Information Security Officer. The Information Systems Security Analyst reports on and performs proactive threat hunting looking for indicators of compromise across all DentaQuest environments, assists in the review of internal and external client questionnaires, requests for proposals, creation, and analysis of reports for DentaQuest's security analytics initiative. Reporting includes security events and security network monitoring and encompasses all reporting from all DentaQuest security systems.
Security systems include: Security Patch Management System, Security Configuration Management, Anti- Virus, Web Filter, Proxy, SIEM (Security Incident Event Manager), FIM, IPS, and DLP system. Assist in procedure maintenance; education, training, and awareness activities; monitoring compliance with company security policy and applicable laws. The incumbent coordinates investigation and security events .
Primary Job Responsibilities
- Assist in the monitoring of security systems for anomalies and respond to potential security events.
- Hunt for security threats within the environment leveraging a deep understanding of Indicators of Compromise (IOC) and Vulnerability Management
- Work with Security Engineering to update system security configurations to harden environments based on evolving threats
- Security patch process and configuration management on all assets according to requirements.
- Provide support and assist in continuous risk and readiness assessments and ongoing compliance with standards.
- Testing of security controls for PCI, HIPAA, HITRUST and other regulations and standards or best practices.
- Assist in the documentation and maintenance of standard operating procedures (SOP).
- Reporting on system configuration and hardening.
- Vulnerability research and remediation recommendation.
- Support building reports for management and audits.
- Assist in the research, evaluation and recommendation of technology products and services.
- Works on multiple projects as a project team member.
- Any other information security related tasks as directed by management.
- Other duties as needed or required.
- Bachelor of Science degree or equivalent work experience.
- 2 years of IT security experience or equivalent combination of education and experience.
- 2 years of experience in IT Infrastructure, Network Engineering.
- Experience with patch management systems (Qualys, Shavlik, WSUS, SCCM, or similar systems).
- Knowledge of SQL, PSL, and XML.
- Experience with a programming language a plus, especially .NET or Python.
- Working knowledge of any of the standards or regulations OWASP, HITRUST, PCI, HIPAA, GLBA, SOX, ISO27001, CSA.
- Working knowledge of ethical hacking or penetration testing.
- Attends additional training as requested/deemed necessary
- Incumbent must be able to communicate effectively.
- Requires overall light physical effort (up to 25lbs.)
- Manual dexterity and sitting is required in carrying out position own position responsibilities (i.e. use of personal compute).
- Ability to travel or move about within and outside serviced facilities required.
- Incumbent works primarily in either a private or shared office environment.
Webelieve that everyone should live life free of dental disease. As a purpose-driven, double bottom line company that is improving oral health for everyone, we are transforming the oral health system - from the way we provide care and pay for it, to how we talk about it and prioritize it in our policies and communities.
Meaningful change requires a revolution in oral health. We are redefining what it means to prevent disease and provide better access to care for everyone. We are going beyond the dental chair to reshape the oral health system, addressing total health and the social and cultural factors that impact it.
To make this revolution a reality, we harness our unique reach and insights to advance policy, financing, care, and the community. That means solving problems in a flexible and efficient way, testing and trialing to create new solutions and deliveringmeasurableoutcomes for the people we serve.
The people of DentaQuest have a common purpose, and we work together with passion, perseverance and focus to achieve a nation where no child suffers from the pain of tooth decay. Where adults keep all their teeth for their entire lives. Where every person has access to quality dental care.
Job Number: 4138
Community / Marketing Title: Information Security Analyst
Location_formattedLocationLong: Boston, Massachusetts US