Information Security Analyst 1 - Remote Us

Public Partnerships LLC supports individuals with disabilities or chronic illnesses and aging adults, to remain in their homes and communities and “self-direct” their own long-term home care. Our role as the nation’s largest and most experienced Financial Management Service provider is to assist those eligible Medicaid recipients to choose and pay for their own support workers and services within their state-approved personalized budget. We are appointed by states and managed healthcare organizations to better serve more of their residents and members requiring long-term care and ensure the efficient use of taxpayer funded services.

Our culture attracts and rewards people who are results-oriented and strive to exceed customer expectations. We desire motivated candidates who are excited to join our fast-paced, entrepreneurial environment, and who want to make a difference in helping transform the lives of the consumers we serve. (learn more at www.publicpartnerships.com ).

Watch the " What We Do " video on our website: https://www.publicpartnerships.com/about-us/#

Duties & Responsibilities

• Investigates and follows through on IT security incidents in a geographically distributed environment, considering all relevant technical and non-technical stakeholders during all phases of the incident.
• Develops and executes a cybersecurity awareness training program.
• Analyzes reports about potential / suspected incidents, collects and analyzes technical incident information and log data, investigate, generate reports, and ensure progress on incident tickets.
• Monitors and validates system and service compliance with information security procedures and policies to ensure consistency of internal controls across departments.
• Assists in the development and maintenance of information security policies and procedures.
• Reporting to the Director of Cybersecurity, the Cybersecurity Analyst is responsible for the operational and technical tasks of the PPL cybersecurity and security risk management program.
• Provides input and guidance for developing and updating runbooks and detection rules.
• Represents information security in meetings convened to evaluate new applications and software-as-a-service offerings and evaluates other IT purchases to ensure they meet security and compliance requirements.
• Investigates SIEM alerts / events for relevance, severity, and impact and escalates incidents for further investigation or remediation.
• Works with IS and stakeholders to assess IT risk and recommend information security controls to minimize risk.
• Conducts risk assessments of information systems.
• Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
• Other duties as assigned.
• Serves as a member of the cybersecurity incident response team.
• Oversee the day-to-day technical services of the company's cybersecurity platforms, services, and deliverables.

Required Skills

• General knowledge of on-premises, cloud, and mobile computing environments (e.g., Microsoft Windows, Apple Macintosh, Linux, AWS, Azure, Google), scripting languages, and security best practices.
• Experience presenting analytic conclusions and research to both technical and non-technical audiences through briefings, emails, etc.
• Experience in the following technologies - SIEMs, WAFs, IDS/IPS, anti-malware, EDR, SOAR, secure cloud access, vulnerability scanning platforms, DLP, private cloud, and open-source security frameworks.
• Demonstrated analytical and problem-solving abilities.
• Familiarity with automation and CI/CD pipeline using various tools like GitHub, Bitbucket, etc.
• Working knowledge and demonstrated ability to perform risk assessments, risk impact analysis, mitigating and compensating control recommendations as applied to information security.
• General knowledge and demonstrated ability to perform vendor vulnerability and security governance assessments.
• At least 5+ years of relevant work experience in at least one of the following areas: Cybersecurity operations, Incident Response, Threat Intelligence, Threat Hunting and Digital Forensics.
• Demonstrated ability to develop, maintain, and execute a cybersecurity awareness program.
• Demonstrated knowledge of social engineering techniques and other information security threats required.
• Demonstrated knowledge of information security principles and best practices.
• Experience with Contributing to risk assessments and mitigation strategies for identified threats.
• Technical system expertise (e.g., gathered from being an IT Administrator) with relevant exposure and expertise in IT Security, in several of the following technologies: Linux and Windows operating systems, web-technologies (encryption, HTTP, REST), networking, cloud environments.
• Ability to use discretion when handling confidential information.

Qualifications

• 1-2 years Windows and/or Linux server administration experience required.
• 4-6 years information security experience required.
• 1-2 years networking experience required.
• 1-2 years of project management experience preferred.
• Certified Information Systems Security Professional (CISSP), Security+, or other security certifications preferred.
• Bachelor's degree in Information Systems, Computer Science, or related field preferred; combination of equivalent experience and education will be considered.

Certification: Azure Security Engineer Associate, CISSP

Compensation & Benefits

• Employee Assistance Program and more!
• The base pay listed may vary depending on skills, experience, job-related knowledge, and location. Certain positions may also be eligible for a performance-based incentive as part of total compensation.
• Tuition Reimbursement Program
• Generous Paid Time Off
• 401k Retirement Plan
• Medical, Dental and Vision insurance on first day of employment

Public Partnerships is an Equal Opportunity Employer dedicated to celebrating diversity and intentionally creating a culture of inclusion. We believe that we work best when our employees feel empowered and accepted, and that starts by honoring each of our unique life experiences. At PPL, all aspects of employment regarding recruitment, hiring, training, promotion, compensation, benefits, transfers, layoffs, return from layoff, company-sponsored training, education, and social and recreational programs are based on merit, business needs, job requirements, and individual qualifications. We do not discriminate on the basis of race, color, religion or belief, national, social, or ethnic origin, sex, gender identity and/or expression, age, physical, mental, or sensory disability, sexual orientation, marital, civil union, or domestic partnership status, past or present military service, citizenship status, family medical history or genetic information, family or parental status, or any other status protected under federal, state, or local law. PPL will not tolerate discrimination or harassment based on any of these characteristics.

PPL does not discriminate based on race, color, religion, or belief, national, social, or ethnic origin, sex, gender identity and/or expression, age, physical, mental, or sensory disability, sexual orientation, marital, civil union, or domestic partnership status, protected veteran status, citizenship status, family medical history or genetic information, family or parental status, or any other status protected under federal, state, or local law.