Shirley Ryan Abilitylab - Chicago, IL
posted 19 days ago
Full-time - Mid Level
Chicago, IL
Social Assistance
About the position
The IT Security Analyst at Shirley Ryan AbilityLab is a key member of the IT Security Operations team, responsible for delivering a comprehensive information security program. This role involves managing, monitoring, and deploying technical controls to safeguard the organization's information assets in a demanding healthcare environment. The analyst will work collaboratively with various IT teams to ensure security configurations are enforced and maintained, while also demonstrating core attributes and values of the organization.
Responsibilities
- Perform administration relevant to security operations for all on-premises, hosted, and cloud infrastructure, storage, applications, systems, and networks.
- Conduct continuous monitoring of security solutions including antivirus, encryption, endpoint detection and response, SIEM, privileged access management, vulnerability management, threat intelligence, DLP, and intrusion detection & prevention.
- Identify security incidents during monitoring and collaborate with teams to execute incident response procedures for containment and eradication.
- Provide emergency, after-hours, and weekend support on a rotational basis for priority issues outside normal business hours.
- Execute and propose improvements to documentation and procedures related to security practices and processes.
- Assist in conducting security awareness training and phishing simulations as needed.
- Provide direction and collaborate with teams regarding operational security items related to identity and access management.
- Work closely with IT, business units, and vendors to ensure new systems and processes meet security requirements.
- Evaluate vendor security assessments and coordinate internal and external security audits, assisting in the development of post-audit mitigation plans.
- Build relationships within SRAlab and among business partners to improve IT Security Operations effectiveness.
Requirements
- A minimum of five (5) years progressive experience in Information Technology, with at least three (3) years in systems security administration, systems audit, or security compliance.
- Hands-on experience with security solutions including antivirus, SIEM, encryption, endpoint detection and response, DLP, intrusion detection & prevention, systems patching, vulnerability management, and threat intelligence.
- Advanced knowledge of security configurations and monitoring for Microsoft Active Directory, Windows and Linux OS, AWS/Azure cloud, logging and monitoring, user access, and network communication protocols.
- Understanding of information security concepts, protocols, industry best practices, and regulatory requirements.
Nice-to-haves
- Experience with healthcare information security compliance standards.
- Familiarity with security frameworks such as NIST, ISO 27001, or CIS Controls.
Benefits
- Health insurance coverage
- Dental insurance coverage
- 401k retirement savings plan
- Paid holidays
- Flexible scheduling options
