Job Title: IT Security & Compliance Analyst
Location: Miramar FL Hybrid (23 days remote)
Terms: Direct Hire
Job Description:
- Continuously improve strengthen and scale the companys security and compliance program in coordination with internal and external teams and partners prioritizing strategies that focus on improving quality and mitigating risks.
- Assist in the endtoend management of securityrelated risks including risk identification analysis mitigation and reporting to management on a periodic basis (i.e. monthly quarterly and etc.).
- Aggregate and track security risks across various business units security domains and asset categories
- Review network and application security logs to identify any nonstandard environment usage or behavior.
- Utilize IT incident management procedures to determine risk exposure and take necessary actions to quickly address a potential issue.
- Assist in managing configuring troubleshooting or implementing security tools and solutions such as SIEM IAM DLP MDM etc.
- Review system security configurations to ensure alignment with company security policies and best practices for Windows Linux Active Directory GPOs Office 365 Azure AWS etc.
- Perform vulnerability scans and detection across the environment.
- Facilitate Application User Access Reviews in accordance with defined IT policies and procedures
- Assist in the identification documentation and recommendation of policies standards guidelines and procedures to assure the confidentiality integrity and availability of the IT environment.
- Collaborate with individuals from IT Application Development Compliance and Business Operations in in order to improve and implement new processes that will further grow the foundation of the Security program.
- Develop a subject matter expertise for one or multiple assigned cybersecurity technology stacks (e.g. identity and access management network intrusion detection and prevention host based security tools)
- Participate in the vendor risk management process including review of vendor HIPAAA and ePHI security controls.
- Work on HIPAA Gap remediation initiatives and action items.
- Maintain and promote security awareness platform training campaigns phishing and other user awareness activities.
- Evaluate and work closely with technical IT personnel to implement technical security solutions and evaluate changes to risk and effect of risk mitigation strategies.
- Clearly communicate information security principles and practices to technical and nontechnical audiences both in writing and verbally.