Security Analyst

Save to Favorites

Do good for your community while using your professional expertise. Work with talented peers on a rewarding non-profit cause related program. Rare Genomics Institute is making a difference. Rare Genomics Institute is a non-profit organization that helps families in need of genome research.

The post holder will provide effective data governance assistance across all aspects of the business.

The IT Department is responsible for supporting and maintaining the IT systems, infrastructure and for providing technical support to users across the institute.

Job Description:

Rare Genomics Institute is looking for a IT Security Analyst with experience in Information Security, Privacy and Regulatory Compliance related services. The ideal candidate should have real-world experience with security risk assessment, and privacy impact analysis to assist in assessing and implementing the required process, technology controls, and on-going program implementation that will assure continuous compliance with the security best practices.

Qualification:

• Knowledge of information system Security Assessment & Authorization (SA&A) lifecycle process
• Possesses an understanding of capabilities associated with security monitoring products across all IT platforms.
• Expertise on key regulations and standards, such as HIPAA, NIST 800-53, NIST Cybersecurity Framework, state / federal governmental requirements, etc.
• Related experience with internal audit techniques and implementing appropriate security controls.
• Knowledge of IT security architecture and design (firewalls, Intrusion Detection Systems, Virtual Private Networking, and virus/malware protection technologies).
• Preferred CISSP or CISM
• Knowledge of Cloud technologies, a plus
• Program or Project management, a plus

Responsibilities:

The position will involve the following areas of responsibility, not limited to:

• Perform security risk assessment
• Develop of security artifacts, awareness trainings, SOPs and/or standards
• Identifies and documents IT internal control deficiencies and provides clear and concise recommendations regarding the mitigation of control deficiencies
• Assess tool/technologies to provide recommendation based on security posture