Security Analyst

For more than 18 years, CareWorks Tech has been delivering technology solutions that drive results. As your advocate, the common thread across our associates is crafting the right tech-savvy solutions. Whether it’s IT Consulting, Infrastructure Services, Security, Enterprise Service Management or Interactive, we’re all about finding solutions that advance your career aspirations. Our ongoing client relationships speak to our long-term collaborative partnerships.

Position Description: Works with business units and with other risk functions to identify security requirements, using methods that may include risk and business impact assessments. Components of this activity include but are not limited to: business system analysis, communication, facilitation and consensus building. Must have 3+ years of combined IT and security risk work experience with a broad range of exposure to systems analysis, applications development, database design and administration; one to two years of experience with information security

Responsibilities Include (duties may include but are not limited to):

• Assists in the coordination and completion of information security operations documentation.

• Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks.

• Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.

• Plays an advisory role in application development or acquisition projects to assess security requirements and controls and to ensure that security controls are implemented as planned.

• Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle.

• Works with IT department and members of the information security team to identify, select and implement technical controls.

• Develops security processes and procedures, and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.

• Advises security administrators on normal and exception-based processing of security authorization requests.

• Researches, evaluates and recommends information-security-related hardware and software, including developing business cases for security investments.

• In-depth knowledge and understanding of information risk concepts and principles, as a means of relating business needs to security controls.

• Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans.

• Experience with common information security management frameworks, such as [International Organization for Standardization (ISO) 2700x and the ITIL, COBIT and National Institute of Standards and Technology (NIST)] frameworks.

• Knowledge of the fundamentals of project management, and experience with creating and managing project plans, including budgeting and resource allocation.

• In-depth knowledge of risk assessment methods and technologies.

• Proficiency in performing risk, business impact, control and vulnerability assessments.

• Strong understanding of business applications, including ERP and financial systems.

• Excellent technical knowledge of mainstream operating systems [for example, Microsoft Windows and Oracle Solaris] and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.

• Experience in developing, documenting and maintaining security policies, processes, procedures and standards.

• Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.

• Audit, compliance or governance experience is preferred. Strong knowledge of MS Access, Excel and other products in the MS Office Suite.

The CareWorks Family of Companies is committed to providing career opportunity and growth to all Associates without regard to race, color, religion, sex, national origin, age, marital or veteran status, medical condition or disability.

CareWorks Tech Strategically-Led Technology Solutions

5555 Glendon, CT

Dublin, OH 43016

614-789-3767

david.horvay@careworkstech.com

Thank you for considering CareWorks Tech for your next career opportunity. CareWorks Tech is not your typical technology company. We are part of the CareWork’s family of companies which is one of Ohio’s largest managed care organizations, serving over 115,000 employers and owned by York Risk Services Group. We have 4 guiding principles: (1) Customer Commitment (2)Attitude of Service (3) Respect for the Individual and Team and (4) Exceeding Expectations. We invest in your training, professional development, benefits (medical, 401k, paid holidays/vacation, etc.) and personally focus on your career success. We have operations in 85 locations worldwide and employ 5,000+ people.