IT Security Compliance Analyst

Job Title: IT Security & Compliance Analyst

Location: Miramar FL Hybrid (23 days remote)

Terms: Direct Hire

Job Description:

• Continuously improve strengthen and scale the companys security and compliance program in coordination with internal and external teams and partners prioritizing strategies that focus on improving quality and mitigating risks.
• Assist in the endtoend management of securityrelated risks including risk identification analysis mitigation and reporting to management on a periodic basis (i.e. monthly quarterly and etc.).
• Aggregate and track security risks across various business units security domains and asset categories
• Review network and application security logs to identify any nonstandard environment usage or behavior.
• Utilize IT incident management procedures to determine risk exposure and take necessary actions to quickly address a potential issue.
• Assist in managing configuring troubleshooting or implementing security tools and solutions such as SIEM IAM DLP MDM etc.
• Review system security configurations to ensure alignment with company security policies and best practices for Windows Linux Active Directory GPOs Office 365 Azure AWS etc.
• Perform vulnerability scans and detection across the environment.
• Facilitate Application User Access Reviews in accordance with defined IT policies and procedures
• Assist in the identification documentation and recommendation of policies standards guidelines and procedures to assure the confidentiality integrity and availability of the IT environment.
• Collaborate with individuals from IT Application Development Compliance and Business Operations in in order to improve and implement new processes that will further grow the foundation of the Security program.
• Develop a subject matter expertise for one or multiple assigned cybersecurity technology stacks (e.g. identity and access management network intrusion detection and prevention host based security tools)
• Participate in the vendor risk management process including review of vendor HIPAAA and ePHI security controls.
• Work on HIPAA Gap remediation initiatives and action items.
• Maintain and promote security awareness platform training campaigns phishing and other user awareness activities.
• Evaluate and work closely with technical IT personnel to implement technical security solutions and evaluate changes to risk and effect of risk mitigation strategies.
• Clearly communicate information security principles and practices to technical and nontechnical audiences both in writing and verbally.