Senior Cloud Security Analyst
Senior Cloud Security Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Not Disclosed
Salary Not Disclosed
1 Vacancy
Job Description
The Senior Cloud Security Analyst reflects the mission vision and values of NM adheres to the organizations Code of Ethics and Corporate Compliance Program and complies with all relevant policies procedures guidelines and all other regulatory and accreditation standards.
The Senior Cloud Security Analyst is responsible for providing security for cloudbased digital platforms and plays an integral role in protecting NMHCs data. The security analyst will be extensively involved with security event monitoring evaluating and reporting on information security that supports risk posture. Responsibilities also include investigate create and recommend innovative technologies or other methods that will enhance the security of cloudbased environments.
Northwestern Medicine Information Services drives innovative highvalue solutions to transform health care.
We are committed to supporting the relentless pursuit of better medicine by providing exceptional service to our patients and guests as well as internal clients across the organization. To ensure excellence our team goes to extraordinary lengths to ensure that our systems work together seamlessly.
Northwestern Medicine understands that technology plays an integral role in shaping the future of health care. Information Services strategically supports the organization by:
- Leveraging AI automation and rollout of advanced cyber controls that support digital transformation strategies
- Implementing advanced technologies in clinical and administrative areas
- Furthering development of the end user support model to help enhance modern infrastructure
Responsibilities:
Cloud Security Skills:
- Threat and Vulnerability Management Continuously acquire assess and take action on new information in order to identify vulnerabilities remediate and minimize the window of opportunity for attackers throughout our cloud service
- Malware protection Prevent detect and respond to the installation spread and execution of malicious code at multiple points in the enterprise while optimizing the use of automation to enable rapid updating of defense data gathering and corrective action
- System hardening Establish implement and actively manage (track report on correct) the security configuration cloud resources using a rigorous configuration management and change control process in order to prevent attackers from exploiting vulnerable services and settings
- Data protection Define and manage processes and tools used to prevent data exfiltration mitigate the effects of exfiltrated data and ensure the privacy and integrity of sensitive information (DLP GASB)
- Log management/Security Analysis Collect manage and analyze audit logs of events that could help detect understand or recover from an attack
- Incident Response Protect the organizations information as well as its reputation by developing and implementing an incident response infrastructure (e.g. plans defined roles training communications management oversight) for quickly discovering an attack and then effectively containing the damage eradicating the attackers presence and restoring the integrity of the network and systems
- Penetration Tests and Red Team coordinate testing the overall strength of an organizations defense (the technology the processes and the people) by simulating the objectives and actions of an attacker
General Technical Skills:
- Maintains solid technical competence for assigned services and systems while grasping the integration and interaction of all supported services and systems
- Provides technical leadership and support for computing systems security
- Strong operations experience focused on public cloud security
- Maintains a broad working knowledge of the full range of NMHC IT security policies and controls
- Provides diagnostic skills and expertise to coordinate problem determination and solution including vendors and manufacturers across the full range of NMHC cloud security controls
- Thorough understanding of cloud infrastructure security and networking governance maintaining compliance creating security policies and blueprints security in layers concepts key vaults intrusion protection risk mitigation and automated security remediation (SecOps)
- Code using modern scripting languages (Python Ruby PowerShell JavaScript)
Customer Service:
- Develops reports monitoring dashboards workflows and metrics within cloud and hybrid environments
- Responds thoroughly and promptly to customer needs as defined in conjunction with our customers
- Manages customer relationships and follows issues through to closure. Includes all aspects of customers (NMHC technology users IS team members etc.)
- Works effectively in supporting the Information Service team with project and support activities
- Actively participates and communications with the project teams
- Prepares and delivers effective support by seeking a thorough understanding of the teams goals and objectives
- Understands the business and clinical processes at NMHC and the operational environments of assigned customers
- Experience with gathering business requirements technical analysis and design
Communication Skills:
- Utilize ServiceNow ITOM Orchestrator Cloud Management Cost Management Change Management Asset Management creating workflows and authorization workflows CMDB to accurately communicate cloud capabilities
- Communicates clearly responsively and purposely with customers and team members
- Proficient in all written communication both internally and externally
- Develops effective relationships with users and other IS team members to enhance the timeliness and effectiveness of technology solutions
Planning:
- Reviews technology projects analyzes business requirements recommends system changes writes technical specifications and implements system and system changes to address changing application requirements
- Provides technical leadership including the identification and implementation of NMHC best practice standards
- Develops project plans to direct technology activities either in support of application projects or as independent work activities
- Works directly with project managers to understand application objectives develop scope of project outline effort projections determine schedules and finalize plans
- Establishes and enforces standards and procedures in accordance with NMHCs security policies
Additional Functions:
- Providing oncall support is required.
Qualifications :
Required:
- 5 years of experience in core discipline
- Excellent verbal and written communication skills
Preferred:
- Bachelors degree in related field or equivalent years of experience
- 5 years of experience in core discipline in the healthcare industry
Additional Information :
Northwestern Medicine is an affirmative action/equal opportunity employer and does not discriminate in hiring or employment on the basis of age sex race color religion national origin gender identity veteran status disability sexual orientation or any other protected status.
Remote Work :
No
Employment Type :
Fulltime
Employment Type
Full-time
