Sr. Security Analyst- FT- Days- Information Security

DHR Health - US:TX:Edinburg - Days

Summary:

FLSA STATUS: Exempt Non-Exempt

MISSION STATEMENT:

Our Mission is to improve the well-being of those we serve with a commitment to excellence: every patient, every encounter, every time.

VISION:

Our Vision is to create a world-class health system to advance medicine and increase access for the communities we serve by empowering caregivers to heal through compassion, knowledge, innovation, integrated care and excellence.

POSITION SUMMARY:

The Senior Security Analyst supports the Information Security program by monitoring, assessing, and responding to cybersecurity threats, vulnerabilities, and risks across the organization. This position acts as a technical and operational bridge between daily security operations and strategic initiatives. The Senior Security Analyst assists in designing, implementing, and maintaining effective security controls, supporting incident response, and performing risk and vulnerability assessments. The role requires analytical expertise, collaboration across IT and clinical departments, and the ability to translate complex security findings into actionable risk mitigation strategies.

POSITION EDUCATION/ QUALIFICATIONS:
Bachelor's degree in information security, Computer Science, Information Systems, or a related field preferred.
Minimum 4-6 years of progressive experience in information security, system administration, or cybersecurity operations.
Experience in healthcare IT environments preferred.
Hands-on experience with security monitoring tools (SIEM, IDS/IPS, endpoint protection, vulnerability management).
Familiarity with TrendMicro, CrowdStrike, or similar endpoint protection technologies.
Working knowledge of firewalls, Active Directory, identity, and access management (IAM), and network segmentation.
Understanding of incident response procedures, forensic analysis, and log correlation.
Knowledge of security frameworks and standards such as HIPAA, HITECH, NIST, ISO27001, and PCI-DSS.
Excellent analytical, problem-solving, and communication skills.
Security certifications (e.g., Security+, CEH, CySA+, CISSP Associate) preferred.
Some evening or weekend work will be required.

JOB KNOWLEDGE/EXPERIENCE:
Must be experienced with active directory and have a solid technical background
Understanding of Access Controls
Understands existing identity data in the different systems and determine ways to integrate into IdM or Active Directory
Understanding of industry accepted standards
Understands identity management processes and identify opportunities to automate additional functions within the company
Understanding of governance/ access certification
Understanding of Federation standards and SSO concepts
Knowledge of Power Shell, SQL programming, understanding of Web Services standards
Knowledge of Active Directory (security model, LDAP protocol, and administrative tools)
Knowledge of Exchange Server (email configuration, mailbox management, and mailbox creation)
Knowledge of SQL Server (database/table/view definitions, backup/restore, performance tuning

Responsibilities:

POSITION RESPONSIBILITIES:

• Monitor network, application, and system logs for indicators of compromise (IOCs) and anomalous activity.
• Investigate, contain, and remediate cybersecurity incidents under the guidance of the Information Security Officer.
• Perform and document vulnerability assessments, risk analysis, and coordinate remediation with system owners.
• Maintain and tune SIEM and endpoint protection systems to ensure optimal detection and response capability.
• Participate in security awareness and training initiatives for staff.
• Review and recommend improvements to access control policies and configurations in Active Directory, VPNs, and key applications.
• Assist in security reviews for new systems, vendors, and integrations.
• Support configuration and change management processes for security devices and applications.
• Conduct periodic threat modeling and assist in updating organizational risk registers.
• Collaborate with Infrastructure and Application teams to embed security best practices in system designs and patch management.
• Generate regular security posture and incident trend reports for management review.
• Contribute to the development and refinement of security policies, standards, and procedures.
• Support compliance audits and respond to audit findings related to information security.

LINES OF REPSONSIBILITIES:

(Chain-of-command)

1. Information Security Officer 2. Director

Other information:

CUSTOMER SERVICE:

Provide excellent customer service to all DHR customers. All employees are required to attend the DHR C.A.R.E.S program which outlines the Customer Service Principals including: Commitment, Accountability, Respect, Excellence and Service.

AGE SPECIFIC:

Employees must be able to demonstrate the knowledge and skills necessary to provide care appropriate to the age of the patients served in his/her assigned unit. The individual must demonstrate knowledge of principles of growth and development over the life span and possess the ability to assess data reflective of the patient's status and interpret the appropriate information needed to identify each patient's requirement relative to his or her age.

AMERICANS WITH DISABILITIES ACT: (ADA):

A. Essential Duties: Indicated by bold print within performance standards, preceding individual numbered criteria.

The following table provides physical requirements that will be associated with, but not limited to, this position:

Light/moderate lifting up to 20 lbs, from the floor to shoulder height.

Yes

Kneeling

Yes

Must be able to assist other employees with lifting more than 20 lbs.

Yes

Walking

Yes

Light/moderate carrying up to 20 lbs.

Yes

Standing/Squatting

Yes

Straight pulling

Yes

Sitting

Yes

Pulling hand over hand

Yes

Pushing

Yes

Repeated bending

Yes

Stooping/Bending

Yes

Reaching above shoulder

Yes

Climbing Stairs

Yes

Simple grasping

Yes

Climbing Ladders

No

Dual simultaneous grasping

Yes

Depth Perceptions needed

Yes

Ability to see

Yes

Identify Colors

Yes

Operating office equipment

Yes

Twisting

Yes

Operating mechanical equipment

Yes

Crawling

No

Ability to read and write

Yes

Ability to Count

Yes

Ability to hear verbal communication without aid

Yes

Operating Personal Vehicle

Yes

Ability to comprehend written/verbal communication

Yes

Other: Ability to deal with stress

Yes

OSHA Category

III

B. Working Conditions: The individual spends over 95% of his/her time in an air-conditioned environment with varying exposures to noise. There is protection from weather conditions but not necessarily from temperature changes. The position does have low exposure to malodorous, infectious body fluids from patients and some minimal exposure to noxious smells from cleansing agents.

C. Occupational Exposure: This position has minimal to no exposure to blood, body fluids, or tissues and is an OSHA Category III (although situations can be imagined or hypothesized under which anyone, anywhere, might encounter potential exposure to body fluids). Person who performs these duties are not called upon as part of their employment to perform or assist in emergency medical care or first aid or to be potentially exposed in some other way.

D. Aptitudes: HIGH 1 2 3 4 5 6 LOW

Intelligence: General learning ability: The ability to "catch on" or understand instructions and underlying principles. Ability to reason and make judgments. 3

Verbal: Ability to understand meanings of words and ideas associated with them, and to use them effectively. To comprehend language, to understand relationships between words, and to understand meanings of whole sentences and paragraphs. To present information or ideas clearly. 3

Numerical: Ability to perform arithmetic operations quickly and accurately. 2

Spatial: Ability to comprehend forms in space and understands relationships of plane and solid objects. Frequently described as the ability to "visualize" objects or two or three dimensions, or to think visually of geometric forms. 2

Form Perception: Ability to perceive pertinent details and objects or in pictorial or graphic material to make visual comparisons and discriminations and see slight differences in shapes and shadings of figures and widths and lengths of lines. 3

Clerical Perception: Ability to receive pertinent details and verbal or tabular material. To observe differences in copy, to proofread words and numbers, and to avoid perceptual errors in arithmetic computation. 2

Motor Coordination: Ability to coordinate eyes and hands to fingers rapidly and accurately in making precise movements with speed. Ability to make a movement response accurately and quickly. 3

Finger Dexterity: Ability to move hands easily and skillfully. To work with fingers in placing and turning motions. 3

Manual Dexterity: Ability to move hands easily and skillfully. To work with hands in placing and turning motions. 3

Eye-Hand-Foot Coordination: Ability to move the hand and foot coordinately with each other in accordance with visual stimuli. 3

Color Discrimination: Ability to perceive and respond to similarities or differences in colors, shapes, or other values of the same or different color. To identify a particular color, or to recognize harmonious or contrasting color combinations, or to match color adequately. 3

I have read and reviewed my job description with my supervisor or designee and I understand the job I am expected to perform.

If applicable ____________ certification will be completed within _________ time frame of hire/transfer date.

Employee Signature: Date:

Transfer/Hire Date Effective: .