Security Analyst

R1 RCM Inc. is a leading provider of technologyenabled revenue cycle management services which transform and solve challenges across health systems hospitals and physician practices. Headquartered in Chicago R1 is a publiclytraded organization with employees throughout the US and international locations.

Our mission is to be the one trusted partner to manage revenue so providers and patients can focus on what matters most. Our priority is to always do what is best for our clients patients and each other. With our proven and scalable operating model we complement a healthcare organizations infrastructure quickly driving sustainable improvements to net patient revenue and cash flows while reducing operating costs and enhancing the patient experience.

We are looking for a selfmotivated Cybersecurity Analyst to join the R1 Cybersecurity Operations Team. We have a relentless focus on driving results for our customers and enabling them to invest more in patient care; in turn this allows us to continue to grow our company and your career.

The successful candidate must be wellversed in security operations cyber security tools intrusion detection and secured networks. They will serve as an expert and be responsible for providing network and security operations technical analysis assessment and recommendations in the areas of realtime security situational awareness operational network system and applications systems security monitoring.

Responsibilities:

• Monitoring various security tools (e.g. Crowdstrike Proofpoint MS Sentinel Azure VM to identify potential incidents network intrusions and malware events etc. to ensure confidentiality integrity and availability of R1s architecture and information systems are protected

• Reviewing and analyzing log files to report any unusual or suspect activities.

• Utilize incident response usecase workflows to follow established and repeatable processes for triaging and escalating.

• Generating trouble tickets and performing initial validation and triage to determine whether incidents are security events using opensource intelligence (OSINT)

• Following established incident response procedures to ensure proper escalation analysis and resolution of security incidents.

• Analyzing and correlating incident event data to develop preliminary root cause and corresponding remediation strategy.

• Providing technical support for new detection capabilities recommendations to improve upon existing tools/capabilities to protect the R1s network and assessments for High Value Assets.

• In this role the successful candidate will maintain and monitor compliance with enterprise change management policies and procedures.

• Develop and maintain metrics & reports on the status of the R1 cyber security operations program.

• Attend and participate in Cyber security projects and the change management process. This includes interacting with business units and technical teams to understand what is coming and how their projects can be more secure from the beginning.

• As part of the overall Cybersecurity Operations Team work in tandem with the security operations center (SOC) incident responders (when anomalous activity and host compromise occurs) and technology infrastructure and development team members.

• Participate in established incident response procedures to ensure proper escalationanalysisand resolution of security events and incidents.

• Managing and maintaining change detection and auditing tools

• Researching technology and application processing environments operation and associated user workflow to design build configure implement and document change compliance and audit rules within designated technologies.

• Reconciling changes detected by the system to authorized changes documented in service desk and change management applications.

• Analyzing large volumes of security event data from a variety of sources to identify suspicious and malicious activity.

• Documenting logging and investigating security incidents.

• Performing case management throughout the incident lifecycle for moderately complex security incidents

• Design build and documenting security technology standards processes and operational workflows

• Operating and maintaining physical security monitoring systems

• Review investigate track and monitor viruses and malware propagation and eradication throughout the enterprise.

• Monitoring compliance with enterprise security compliance and change management programs policies and processes

• Researching Threat Intelligence sources on the latest malware trends patches in order to keep the Security Program uptodate.

• Providing metrics & reports on the status of tools environments and assets within the organization.

• Database and Application security to prevent attacks via Input Validation CrossSite Scripting Buffer Overflowetc

Required Qualifications:

• A minimum of 4 years of professional experience in an ITrelated field

• Intermediate knowledge of security monitoring and networking technologies tools protocols and standards

• Knowledge of security policy programs process and metrics

• CompTIA Security certification or equivalent professional experience in security operations

• Intermediate or advanced security networking or audit certification

• Recent experience with static and/or dynamic code review process

• Strong drive and passion to deliver distinctive endproducts a quick learner with a strong attention to detail and quality.

• Excellent interpersonal and communication skills

Desired Qualifications:

• A Bachelors degree in a technical discipline (e.g. Computer Science Business Analyst etc.

• Certification (or ability to obtain certification) in at least one of the following areas: General Security (CISSP) Incident Handling (GCIH) Cloud Security (GCLD Cloud CCSK) and Ethical Hacking (CEH)

• Experience with advanced cyber security tools network topologies intrusion detection and secured networks

• Indepth understanding of NIST SP 80061SOC 2 AICPA controls and frameworks.

Working in an evolving healthcare setting we use our shared expertise to deliver innovative solutions. Our fastgrowing team has opportunities to learn and grow through rewarding interactions collaboration and the freedom to explore professional interests.

Our associates are given valuable opportunities to contribute to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more visit:R1RCM.

R1 RCM Inc. (the Company) is committed to the principles of equal employment opportunity. The Companys practices and employment decisions including those regarding recruitment hiring assignment promotion compensation benefits training discipline and termination shall not be based on any persons age color national origin citizenship status physical or mental disability medical condition race religion creed gender sex sexual orientation gender identity and/or expression genetic information marital status status with regard to public assistance veteran status or any other characteristic protected by federal state or local law. Furthermore the Company is committed to providing a workplace free from harassment based on any of the foregoing protected categories.

Working in an evolving healthcare setting we use our shared expertise to deliver innovative solutions. Our fastgrowing team has opportunities to learn and grow through rewarding interactions collaboration and the freedom to explore professional interests.

Our associates are given valuable opportunities to contribute to innovate and create meaningful work that makes an impact in the communities we serve around the world. We also offer a culture of excellence that drives customer success and improves patient care. We believe in giving back to the community and offer a competitive benefits package. To learn more visit: r1rcm

Visit us on Facebook