Senior Information Security Analyst

The Senior Information Security Analyst supports the InfoSec mission of securing the patient experience. This position applies existing experience associated with analysis and remediation of information security risks that could lead to compromise of Children's National systems. Individuals in this position will use their experience to catalog risks, identify and remediate vulnerabilities, secure of data, and establish policies and standards. This individual will also possess a strong understanding of cybersecurity operations tools, network security and the ability to create and analyze cybersecurity metrics. Assist the cyber team with daily tracking of IS ServiceNow tickets & incidents to assure proper follow through and ticket closure. Understand NIST/HIPAA security control frameworks and the ability to assess control responses for accuracy.

Minimum Education

• Bachelor's Degree Bachelor's degree in a computer science, math, engineering, or another relevant discipline or equivalent training and work experience (Required)

Minimum Work Experience

• 5+ years of experience in cybersecurity with a focus on vulnerability management, cybersecurity operations, analysis, forensics and/or investigations (Required)

Required Skills/Knowledge

• Some experience in the application of key cybersecurity practices, controls, and frameworks
• Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences
• Limited direct experience and knowledge of cybersecurity auditing, compliance, and policy
• Some experience in performing risk assessments, vulnerability management, penetration testing, and threat identification.
• Several years experience in the management of access controls including identity, active directory, privileged account management, and authentication
• Some experience in participating in cybersecurity incident response, risk remediation, business continuity, disaster recovery, and cyber operations.

Functional Accountabilities

• Initiates and manages tasks involved in the identification, documentation, and reporting of cyber risks
• Able to initiate and manage tasking for development and documentation of cybersecurity policies, standards, and procedures.
• Engages with other CNH business units to shape initiatives ensuring security of assets, applications, and data
• Initiates and manages tasks that develop and document procedures associated with managing access to CNH systems, data, and other assets
• Initiates and manages tasks associated with cybersecurity incidents, as required