Information Security Administrator
INFORMATION SECURITY ADMINISTRATOR
Position Summary:
Under the general direction of the IT Manager (Infrastructure, Security and Service Desk) and MedCost Security Official, the Information Security Administrator role requires a broad range of implementation and analytical skills to assess, diagnose and remediate security events. This individual will be responsible for proactively monitoring systems for threats, vulnerabilities, and trend analysis. This position is responsible for managing the organization’s information security tools and technologies including but not limited to access control, network monitoring, intrusion prevention, threat/vulnerability, unauthenticated access, data loss prevention and antivirus/malware. This candidate will also work collaboratively and consult with other IT teams to maintain a strong security posture, such as networking/infrastructure, developers, and other IT departments. This candidate should have background knowledge of network infrastructure, security operations, incident management experience and will be capable of multi-tasking between multiple projects and tactical initiatives.
The Information Security Administrator will also be responsible for providing guidance, input and oversight to security awareness, governance, and departmental disciplines in adherence to security policies. This individual will work closely with the Information Security Engineer, IT Services, Compliance, and other business leaders to select and deploy technical controls necessary to support HIPAA and NIST compliance. The Information Security Administrator role is accountable for contributing to security awareness through effective communication, incident management and change control.
Position Responsibilities:
Position Qualifications:
Required:
MedCost participates in the Electronic Verification system (E-Verify) to electronically verify the work authorization of newly-hired employees. E-Verify is an internet-based program that compares information from an employee's Form I-9 to data contained in the federal records of the Social Security Administration and the Department of Homeland Security to confirm employment eligibility. MedCost does not use E-Verify to pre-screen job applicants.
Position Summary:
Under the general direction of the IT Manager (Infrastructure, Security and Service Desk) and MedCost Security Official, the Information Security Administrator role requires a broad range of implementation and analytical skills to assess, diagnose and remediate security events. This individual will be responsible for proactively monitoring systems for threats, vulnerabilities, and trend analysis. This position is responsible for managing the organization’s information security tools and technologies including but not limited to access control, network monitoring, intrusion prevention, threat/vulnerability, unauthenticated access, data loss prevention and antivirus/malware. This candidate will also work collaboratively and consult with other IT teams to maintain a strong security posture, such as networking/infrastructure, developers, and other IT departments. This candidate should have background knowledge of network infrastructure, security operations, incident management experience and will be capable of multi-tasking between multiple projects and tactical initiatives.
The Information Security Administrator will also be responsible for providing guidance, input and oversight to security awareness, governance, and departmental disciplines in adherence to security policies. This individual will work closely with the Information Security Engineer, IT Services, Compliance, and other business leaders to select and deploy technical controls necessary to support HIPAA and NIST compliance. The Information Security Administrator role is accountable for contributing to security awareness through effective communication, incident management and change control.
Position Responsibilities:
- Monitor, maintain, and analyze security alert and requests necessary to mitigate cybersecurity threats and vulnerabilities and collaborate with the Information Security Engineer for remediation instruction. The analysis of the output of these requests should include proactive measures/tasks to maintain the overall security posture of the organization.
- Upgrade, optimize and implement key information security technologies, such as access control, network monitoring, intrusion prevention, threat/vulnerability, unauthenticated access, data loss prevention and antivirus/malware. The analysis of the output of these tools should include proactive measures/tasks to maintain the overall security posture of the organization.
- Document processes, procedures and incident reports based on security incidents and events. Adherence to incident management and change control are essential components.
- Planning, meetings, and collaboration discussions with other departments within the organization.
- Administrative tasks specific to forms, spreadsheets, calendaring, time entry and structured efficiencies.
- Ability to adhere to technical system controls by processes and technologies against NIST framework
- Ability to quickly respond to network and host-based security events.
- Coordinates with third parties regarding software upgrades, releases, and information management.
- Analyze reporting, incidents, and adherence to security controls. Ability to prepare and present information to effectively communicate information security posture improvement opportunities to leadership.
- Organize meetings, governance, and security awareness opportunities through creative, yet effective means of communication.
- Applies system analysis techniques and procedures to reinforce secure, automated solutions.
- Keeps management abreast of the state of applications and key systems through the use of automated reports and monitoring solutions.
- Provides on-call support after normal working hours to address security events.
- At times, to meet business needs, are required to work beyond 40 hours per week and on an on-call rotating basis.
Position Qualifications:
Required:
- 2-year college degree or equivalent IT experience
- Security+, CySA+, SSCP, CCNA Cyber Ops or equivalent security certification
- 5+ years of IT experience with 3+ years of Information Security
- Excellent organizational skills
- Excellent communication skills, verbal and written
- Ability to handle multiple tasks with varying priorities
- Ability to work with other MedCost departments in an effective and congenial manner
- Ability to prioritize and demonstrate attention to detail
- Ability to work independently while recognizing the importance of teamwork
- Familiarity with Information Security frameworks, such as NIST, HIPAA, HITRUST, PCI/DSS, ISO, SSAE, or others strongly preferred.
- Awareness of security projects, including defining requirements and developing project plans for review
- Knowledge of SIEM principles, vulnerability management expectations, firewalls, endpoint protection strategies, and similar technologies (Palo Alto Networks, IBM QRadar, Cortex XDR is a plus).
MedCost participates in the Electronic Verification system (E-Verify) to electronically verify the work authorization of newly-hired employees. E-Verify is an internet-based program that compares information from an employee's Form I-9 to data contained in the federal records of the Social Security Administration and the Department of Homeland Security to confirm employment eligibility. MedCost does not use E-Verify to pre-screen job applicants.
-
Seniority level
Mid-Senior level -
Employment type
Full-time -
Job function
Information Technology -
Industries
Insurance
Referrals increase your chances of interviewing at MedCost by 2x
See who you knowGet notified about new Information Security Administrator jobs in United States.
Sign in to create job alertSimilar jobs
People also viewed
-
Group Manager, IT/Security
Group Manager, IT/Security
-
Senior Manager, Technology Risk and Information Security
Senior Manager, Technology Risk and Information Security
-
Information Security Lead
Information Security Lead
-
Security Analyst IV - 100% Remote - Open to C2C
Security Analyst IV - 100% Remote - Open to C2C
-
Security Consultant
Security Consultant
-
Sr SME Cyber Security Consultant (W2 Remote)
Sr SME Cyber Security Consultant (W2 Remote)
-
IT Security Manager
IT Security Manager
-
Workday Security Administrator
Workday Security Administrator
-
Assistant Cyber Services Manager
Assistant Cyber Services Manager
-
Senior Manager, Security
Senior Manager, Security
Looking for a job?
Visit the Career Advice Hub to see tips on interviewing and resume writing.
View Career Advice Hub