Monday, 11 December 2017 16:06

Sr Security Analyst Featured

Rate this item
(0 votes)

Sr Security AnalystSystem Services MPN

Job Description

The position is responsible for in-depth security administration which includes research, design, installation, testing, configuration, implementation, troubleshooting, and maintenance of security systems and services.

A Senior Security Analyst collaborates with application owners, project managers, vendors, and end-users to provide design and administrative services.

Location: 920 Frostwood,Houston,TX 77024
Facility: System Services MPN
Category: Non-Clinical Professional
Type: Full time
Requisition 100064941

  1. Additional Qualifications:
  2. Implemented IT Control framework across an organization. HITRUST/NIST preferred.
  3. Strong understanding of Third Party Risk Assessment process
  4. Performed Compliance verification of IT controls. (for example: SEIM log reports, vulnerability scanning, patch management, decommissioning process, server hardening standards).
  5. Assisted with the Cyber Security Awareness Training program. 
  6. Involvement with creating data analytic projects for security metric implementation.
  7. Project management experience is a plus.
  8. Capable of performing thorough extensive research to develop a position paper.

Minimum Qualifications:

  • Bachelor’s degree preferred or equivalent experience.
  • Four years experience in information security and/or IT auditing.
  • One years of recent work experience in providing security solutions to large network environment (15,000+ node network)
  • At least one active security certification (example: CISSP, GIAC, CISA, CISM) – PREFERRED
  • Strong knowledge of security tools including firewalls, IPS, IDS, encryption, SEIM, vulnerability scanners and other security tools.
  • Three years of at least one security tool(s) technology at an in-depth level (firewalls, IPS, IDS, encryption, SEIM, vulnerability scanners, content filtering).
  • Strong understanding of the conceptual basics of all topologies and protocols in the OSI model.
  • Strong understanding of Active Directory, networking and database systems.
  • Strong understanding of risk assessment processes and procedures.
  • Record of participating in designing, configuring, troubleshooting and maintaining new security processes and security technologies. (firewall, IPS, IDS, content filtering deployments, Snort, eEye Retina, Nessus, nMap, zixMail or McAfee Endpoint Encryption suite.
  • Record of participating in information system risk assessments either technical or procedural.
  • Record of developing and implementing information security policies and procedures.
  • Intermediate knowledge of hubs, switches, and routers.
  • Basic knowledge and work experience with Cisco network devices (L2 and L3), large scale ACL management, Microsoft Windows, Unix/Linux, intrusion prevention systems (IPS), application and packet inspection firewalls and denial of service (DoS) technologies
  • Experience with analyzing and troubleshooting network sessions using sniffer tools such as tcpdump, snoop and WireShark.
  • Demonstrated pattern of growth in ability to lead others.
  • Knowledge of Federal and State security regulation – HIPAA/PCI/HITECH/Etc
  • Current knowledge of security threats, attack methodologies, security principles, best practices, and evasion techniques.
  • Excellent planning, documentation and organizational skills.
  • Excellent problem solving skills.
  • Possess good communication and interpersonal skills to work successfully in a team environment.
  • Strong customer service skills.

Demonstrates commitment to the Partners-in- Caring process by integrating our culture in all internal and external customer interactions; delivers on our brand promise of “we advance health” through innovation, accountability, empowerment, collaboration, compassion and results while ensuring one Memorial Hermann.

Principle Accountabilities:

  • Leads in the research, installation, configuration, implementation, troubleshooting and maintenance of security systems and services.
  • Leads in performing risk assessment of information assets including: information systems, biomedical systems and data centers.
  • Develops new and improves upon existing information security risk assessment methodologies.
  • Perform policy reviews and updates information security policies and identifies new policy requirements.
  • Leads in implementing controls and procedures to protect information systems from unauthorized or accidental modification, disclosure, or destruction, under the guidance of Senior/Lead Security Analysts or Management.
  • Provides unassisted support to application owners, project manager, vendors, and end-users.
  • Works on teams and provide task completion for all levels of projects.
  • Accountable for meeting and setting project timelines.
  • Recommends technical and documentation standards.
  • Responsible for designing and planning of advanced security systems or services.
  • Provides guidance and mentoring to Security Analyst(s)
  • Provide status updates to Information Security management on the results of risk assessments.
  • Researches and makes recommendations regarding the acquisition of new security tools and technology.
  • Ensures safe care to patients adhering to policies, procedures, and standards, within budgetary specifications, including time management, supply management, productivity, and accuracy of practice.
  • Promotes individual professional growth and development by meeting requirements for mandatory/continuing education, skills competency, supports department-based goals which contribute to the success of the organization; serves as preceptor, mentor, and resource to less experienced staff.
  • Responsible for covering a 7x24 shift of on call support rotating which is rotated weekly among the Information Security Risk Management team.

Read 240 times Last modified on Monday, 11 December 2017 16:26

About Us


Chapter Members and Visitors,

Welcome to our ISACA, Great Houston Chapter website!

We recently held our Annual General Meeting and one day gratis Security and Audit Conference July 21. We have not offered a gratis one day conference in a while, although all of our conferences are quite reasonable, and it was appreciated. As someone noted, “Free is always good!”

We had a good turnout, around 125, with approximately 85 staying to the final bell; it did help that we gave away several $100 certificates at the close of the day.

We had several folks who gave significantly of their time to both plan and serve our members and guests during the conference, and we will acknowledge them shortly on our website. However, one person I want to thank now is Mel McQueary, with HCC, who was able to help us rent the auditorium at their West Loop South Campus. We received many compliments on the space itself, and the location.


More About Us

What We Do

Our aim is to sponsor local educational seminars and workshops, conduct regular chapter meetings, and help to further promote and elevate the visibility of the IS audit, control and security profession throughout the area. 

 We conduct chapter meetings the third Thursday of the month that typically includes a morning or afternoon training along with a luncheon meeting/training.  We also sponsor SIG group meetings on the same day.

Local seminars are held in the spring and fall that include topics of high relevance to our membership community. Certification training is scheduled before each ISACA exam date based on interest level. 

We partner with other organizations to provide additional educational opportunities for our greater Houston area membership. Please visit our chapter EVENTS page frequently for the latest educational and networking opportunities.