Information Security Analyst
San Francisco Health Plan
Contract San Francisco, California, United States Posted 4 years ago
About Position
Information Security Analyst (Contract)
$85.00 / Hourly
San Francisco, California, United States
Information Security Analyst
Contract San Francisco, California, United States Posted 4 years ago
Description
WHAT YOU WILL DO
Lead the planning and design of enterprise security architecture, under the direction of the ITS Security Team, Security Officer and CIO, where appropriate.
Lead the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Security Officer, Chief Compliance Officer and CIO, where appropriate.
Develop and report key security metrics.
Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the Business Continuity and Disaster Recovery Teams, where appropriate.
Maintain uptodate detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
Lead or manage technical system security audit efforts by working with SFHP Compliance Team members.
Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
Lead the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating practices and in compliance with the enterprises security documents.
Ensure that uptodate baselines for the secure configuration and operations of all inplace devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.) are maintained.
Ensure that operational configurations of all inplace security solutions as per the established baselines are maintained.
Monitor all inplace security solutions for efficient and appropriate operations.
Review logs and reports of all inplace devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
Participate in investigations into problematic activity.
Participate and or lead in the design and execution of vulnerability assessments, penetration tests and security audits.
By applying to a job using PingJob.com you are agreeing to comply with and be subject to the PingJob.com Terms and Conditions for use of our website. To use our website, you must agree with the Terms and Conditions and both meet and comply with their provisions.
