Senior Security Analyst at Myers and Stauffer LC in Indianapolis, Indiana
Posted in Other 3 days ago.
Job Description:
Myers and Stauffer LC is a certified public accounting and health and human services reimbursement consulting firm, specializing in audit, accounting, data management and consulting services to government-sponsored health and human services programs (primarily state Medicaid agencies, and the federal Center for Medicare & Medicaid Services). We have 45+ years of experience assisting our government clients with complex health care reimbursement and provider compliance issues, operate 20 offices and have over 900 associates nationwide.
At Myers and Stauffer, you will have a career that is rewarding while also supporting our state and federal government health and human services clients that focus on those in need. We are committed to providing our employees with professional growth and development opportunities, a diverse, dynamic, challenging work environment, and a strong and visionary leadership team.
What We Offer:
- Health, Dental, and Vision insurance along with other competitive employee benefits
- Vacation time, sick time, paid holidays, and two floating holidays
- Paid Parental Leave and available support resources
- 401K with company matching for eligible employees
- Tuition reimbursement, referral bonuses, paid volunteer community service time, mentor program, and a variety of other employee programs and perks
- A combination of technical and leadership development training at each career milestone
- Up to six counseling sessions per year for eligible employees through our Employee Assistance Program
The Information Security Analyst will support the protection of our information assets from intentional or unintentional disclosure, modification, destruction, or denial of access through the implementation of appropriate information security policies, standards, guidelines, and procedures. The Analyst's primary role is to support our vulnerability and risk management programs and facilitate incident response procedures in a timely and accurate fashion.
The Information Security Analyst will conduct network and application vulnerability/risk assessments for the organization, participate in penetration testing and detection activities, and perform security incident response procedures utilizing internal and external resources. The analyst will assist with the implementation and enhancement of information security measures to safeguard our systems and information assets.
Essential Functions
- Perform audits, risk assessments, and vulnerability testing (internal, external, application, database, and firewall) to identify potential threats with appropriate remediation strategies.
- Identifies, investigates, and responds to potential threats, reported security violations/incidents.
- Conducts security audits, recommends, and implements corrective actions.
- Support the Vulnerability Management program to identify, communicate, and track vulnerabilities and patches for critical systems and devices.
- Support and manage threat detection solutions and processes including new deployments, maintenance, monitoring and investigation, and Security Operations Center team support.
- Support and assist with security endpoint and email solutions, system information and event management (SIEM), password vault, and network firewalls as needed with the focus on minimizing threats and exposure risks to MSLC.
- Recommend, pilot, and deploy additional security products and tools, or enhancements to existing tools, to detect violations of network security measures and malicious activities.
- Develop and implement, as required, the necessary monitoring and detection solutions to audit and enforce company policies, controls, and standards.
- Conduct research on emerging threats and mitigating security products, services, and standards to protect our systems, networks, and data.
- Assist with the development of security policy, awareness materials, presentations, and training sessions to ensure employee awareness of appropriate information security policies and controls.
- Assist in furthering the development of base line security configuration for systems, databases, networks, and applications
- High school diploma or GED required; Bachelor's degree preferred
- CISSP, CISA, or equivalent certifications preferred
- Experience with network and application vulnerability management and assessment solutions.
- Knowledge of information security frameworks and standards including the NIST Cyber Security Framework, NIST SP 800-53 and ISO 27002 Information Security Control standards.
- Understanding of FISMA, StateRAMP, and FedRAMP.
- Experience with AICPA SOC1 type 2, SOC2 type 2 audits
- Experience with threat detection solutions and incident and breach response activities.
- Understanding of data protection requirements relating to personally identifiable information and protected health information.
Myers and Stauffer takes pride in the welcoming and collaborative culture we have throughout our offices. For this position, the employee will report to one of our Managers or Senior Managers on the Information Technology team.
Work Style:
Our general business hours are Monday through Friday 8am-5pm, but can vary based on business needs. Dependent on performance, our in-office associates are eligible for a hybrid work schedule after their initial 90-day training period. As a company, we are always willing to discuss potential flexibility that an employee may need to better suit their work-life wellbeing.
Typical Interview Process:
- Phone Screen with a Recruiter
- In person or remote interview with the hiring manager & team
- Hiring decision and job offer
#LI-Remote
More jobs in Indianapolis, Indiana
|
The Judge Group Inc. |
|
Colossus, Incorporated |
|
Baker Tilly |
More jobs in Other
|
Hyatt |
|
Marriott Vacations Worldwide Corporation |
|
Marriott Vacations Worldwide Corporation |