Listing Description
For more than 20 years, PointClickCare has been the backbone of senior care. We’ve amassed the richest senior care dataset making our market density untouchable and our connections to the healthcare ecosystem exponentially more powerful than those of any other platform.
With Collective Medical & Audacious Inquiry, we’ve become the most expansive, full-continuum care collaboration network, offering care teams immediate, point-of-care access to deep, real-time insights at every stage of a patient’s journey.
The Information Security Analyst will be responsible for the proactive monitoring of the enterprise security and risk posture of production systems and infrastructure, while identifying and escalating potential incidents or anomalies for further investigation.
The ideal candidate must be able to work independently and have project management skills. Desired areas of knowledge include vulnerability assessment tools, intrusion prevention and detection, access control and authorization, firewall rulesets, encryption, web-filtering, advanced threat protection and cloud security.
It is preferred that the Information Security Analyst will be experienced in HIPAA regulations and informed about NIST and ISO frameworks.
Responsibilities:
· Implement controls across the enterprise to align with regulations, HITRUST, EHNAC and SOC2 audit requirements
· Review and analyze alerts and logs from firewalls, intrusion detection/protection systems, antivirus and event solutions and other security threat data sources to gain awareness and report on potentially suspicious and anomalous activity
· Assist with formulation and distribution of information weekly/monthly/quarterly metrics and event reports
· Conduct and assist with internal security training program for employees
· Work with security team to perform test and uncover vulnerabilities
· Follow up on outstanding security audit and penetration testing findings
· Investigate security breaches and other cyber security incidents
· Work with business and IT teams to develop and document processes around security best practices
Qualifications:
· Minimum of 3-5 years of IT security experience, a current security certification preferred (Security+, GIAC Security Essentials, CISA, etc.)
· Minimum of 1-2 years of cloud security experience, preferably experience with Amazon Web Services (AWS), Azure AD and Office 365
· Strong critical thinking and problem-solving skills. Excellent written and oral communication skills
· Knowledge of IT data security compliance programs preferred including HITRUST, SOC2, HIPAA/HITECH, NIST/CMS or similar (ex. FINRA)
· Efficient with OS Security, Windows, and Linux
· Hands on technical knowledge with at least one of the following: Role-based access control, network security, current information security threats, incident management concepts and practices
· Not required, but preferred experience with at least one of the following tools: Nessus/Tenable.io, Governance Risk Compliance Tools, Log Aggregation Tools, Office 365 Security Rules, Azure AD, DUO two-factor authentication or Sophos Security
This position may include access to protected health information (PHI) and confidential information. The successful candidate will be required to complete training and must handle all PHI appropriately according to AI and PointClickCare policies, and all applicable laws and regulations.
#LI-Remote
#LI-TW1
It is the policy of PointClickCare to ensure equal employment opportunity without discrimination or harassment on the basis of race, religion, national origin, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law. PointClickCare welcomes and encourages applications from people with disabilities. Accommodations are available upon request for candidates taking part in all aspects of the selection process. Please contact recruitment@pointclickcare.com should you require any accommodations.
When you apply for a position, your information is processed and stored with Lever, in accordance with Lever’s Privacy Policy. We use this information to evaluate your candidacy for the posted position. We also store this information, and may use it in relation to future positions to which you apply, or which we believe may be relevant to you given your background. When we have no ongoing legitimate business need to process your information, we will either delete or anonymize it. If you have any questions about how PointClickCare uses or processes your information, or if you would like to ask to access, correct, or delete your information, please contact PointClickCare’s human resources team: recruitment@pointclickcare.com
PointClickCare is committed to Information Security. By applying to this position, if hired, you commit to following our information security policies and procedures and making every effort to secure confidential and/or sensitive information.
Listing Details
- Citizenship: Not Provided
- Incentives: Not Provided
- Education: Not Provided
- Travel: Not Provided
- Telework: Not Provided