Security Analyst

Job Description

Description

The Indiana Health Information Exchange (IHIE) is one of the nation’s largest health information exchange organizations. IHIE has been around for over a decade, with its roots dating back 30 years. As a not-for-profit HIE, we enable hospitals, physicians, laboratories, payers, and other health service providers to avoid redundancy and deliver faster, more efficient, higher quality healthcare to patients in Indiana. Today, by making information available to approximately 50,000 healthcare providers in Indiana and neighboring states, we deliver services that make a real difference in health and healthcare.

Indiana Health Information Exchange’s (IHIE) Information Technology (IT) team supports technologies that directly impact the quality, safety and efficiency of healthcare. We are seeking a Security Analyst with strong security, troubleshooting, and analytical skills to join the team.

Summary: The Security Analyst is a multifunction role responsible for maintaining and executing information security tools, processes and procedures in accordance with IHIE policy and industry standards. Key functions of this position include managing security platforms such as, Identity Access Management (IAM), SIEM event monitoring, network perimeter security, vulnerability management and data loss protection. The Security Analyst will also support the Information Security Officer on the development and implementation of program policies, procedures, reports and risk assessments.

Job Function Risk Level 3: Privileged user access with intentional access to PHI and sensitive data

Essential Functions:

Essential functions include the following. Other duties may be assigned.

Support best-practice policies for IHIE systems, including user provisioning, role management, direct login, multi-factor authentication (MFA), and single sign on (SSO) via proprietary technology as well as industry standards (SAML, OAuth2, etc.).

Manage and maintain the IAM platform(s) by ensuring proper configuration, troubleshooting requests, and providing end-user support for authentication, authorization, and technical issues.

Works closely with the Information Security Officer to coordinate and remediate penetration testing, application testing, vulnerability scans, and system configuration management projects.

Configure, operationalize, and monitor security applications, including EDR, DLP, Vulnerability Management, and software app controls.

Serve as a consultant for the overall planning and analysis of the security architecture of information systems. Provide technical advice and guidance to Software Development teams, Product Owners, IS/IT management, and any stakeholders related to the project.

Monitor SIEM for security events at the network, application, database and operating systems level to identify potential security incidents.

Assist in privacy and security incident response activities, including tabletop exercises and post-incident analysis.

Execute policy, processes, and procedures in support of IHIE’s HITRUST and HIPAA compliance requirements.

Attend trainings, pursue certifications, and research vulnerabilities, remediations, and new technology to learn and stay up to date on security best practices.

Requirements:

IHIE Attributes:

Adaptability and flexibility in a rapidly changing environment.

Self-starter and self-motivated.

Ambitious spirit – brings fresh ideas to the table and finds creative solutions to problems.

Positive attitude with outstanding communication and listening skills.

Education:

Bachelor’s degree in computer sciences, information security, or another related field.

Skills and Experience:

2-3 years of experience in information security or a related role

Relevant experience with Identity and Access Management systems, theories, policies, and best-practices

Knowledge of system design, administration, web application technologies, development, and integration

Skilled in system analysis, troubleshooting, business logic, data flow, and problem-solving

Solid understanding and experience in security operations best practices and regulatory requirements

Experience in implementing and configuring security systems required

Experience with a variety of operating systems required

Solid understanding and experience in computer networking required

High technical aptitude, ability to learn new technologies quickly

Strong attention to detail and organizational skills

Excellent verbal and written communications skills

Ability to set priorities and manage time while working on multiple tasks required

Preferred:

Experience with healthcare IT systems, HIPAA regulated environment, or with health data

Practice with web application development technologies, APIs, Web Services, SQL, and relational databases

Good understanding of project management and Agile methodologies

Benefits

We offer an excellent benefits package including medical/dental/vision, 401(k) matching, 20 days PTO your first year plus 9 company paid holidays, very casual work environment and dress code, and a dynamic, fun-loving company culture!

IHIE is one of the nation’s largest and most advanced health information exchange helping to ensure health information is where it needs to be, when it needs to be there to improve care coordination and patient outcomes. IHIE was formed in 2004 and currently serves 120+ hospitals representing 38 health systems, nearly 19,000 practices and over 50,000 providers, and has processed more than 16 billion clinical data transactions. Learn more at

Full-time