The IT Security Analyst is primarily responsible for the implementation and support of enterprise security for both the data and technology infrastructure utilized by Lurie Children's Hosptial thereby ensuring that Lurie Children's maintains a protected Information Technology (IT) infrastructure. Therefore this individual is must be literate in current security practices, threat awareness, and other applications of the security process to the organization's needs. Knowledge of Cisco, Microsoft, and other client/server network and application technologies is also needed as the security infrastructure exists in support of these systems and applications. This position performs tasks in association with IM application and network systems teams and is expected to perform in a consultative fashion to all parties regarding information security related IT issues. Duties may be performed directly or coordinated with external technology and/or service partners. The IT Security Analyst is expected to be self-directed and perforn responsbilities with minimal supervision.
1. Advises management of potential IT security threats and mitigation strategies.
2. Functions as a technical lead on multiple IT security systems and infrastructure projects.
3. Maintans Cisco and other technology vendors wired and wireless network security equipment and software. a. Reviews multiple metrics, correlates anomalies that impact multiple systems, determines root causes, and implements corrective action. b. Performs security troubleshooting and analysis utilizing Network General Sniffer and other inspection tools c. Works with the IT Security Analyst SR, IT Network Engineer /Engineer and the Manager of IT Security for policy and design needs related to network infrastructure security.
4. Performs a backup role for the IT Network Engineer(s) as needed.
5. Participate in other department or organizational project tasks as required.
6. Completes assigned Help Desk support tickets within IM Department standards
7. Serves as liaison to vendors for equipment and software maintenance
8. Develops and documents procedures covering all aspects of enterprise-wide security infrastructure
9. Performs ongoing capacity and performance planning for enterprise security infrastructure and related technologies.
10. Assumes on-call responsibility for data center equipment operations, per the schedule.
11. Performs other duties as assigned.
1. Comprehensive knowledge of Cisco and other security and network technologies: a. 1-3 years of experience working with of the following IT security functions: VPN, firewall, anti-virus protection, two-factor authentication, intrusion detection, disk/file encryption, vulnerability assessments and mitigation, risk assessments, platform hardening, and incident response/reporting. b. 1-3 years of experience working with Microsoft, HP-UX, Solaris, and Windows client/server based equipment/operating systems and applications in a complex enterprise network environment highly desired. c. 1-3 years experience with the following technologies desired: Cisco ASA firewall/VPN, Cisco Secure IDS, Cisco MARS, Microsoft AD, RSA SecureID, Websense Internet monitoring and MacAfee Webshield appliance. d. 1-3 years experience with enterprise wireless technology and security.
2. Education: Bachelor's Degree in Information Systems/Technology/Computer Science (or equivalent work experience).
3. Certifications in the following technologies a plus: CCSP certification (Cisco Certified Security Professional), CISSP (Certified Information Systems Security Professional) and/or MCSA (Microsoft Certified Systems Administrator) or MCSE (Microsoft Certified Systems Engineer) with security specialization.
4. Demonstrated project management skills from a team member role.
5. Programming or scripting skills necessary to assist in server and client management tasks highly desired.
6. Analytical thinking for effective problem determination and correction within the department and in the user community is essential. The ability to work independently, make decisions under pressure, while providing timely and responsive services are the keys to this position.
7. Excellent time and project management skills, customer service and interpersonal skills, system diagnostic and communication (written and oral) are critical for success in this position.