Information Security Analyst 1 - Remote Us

Public Partnerships LLC supports individuals with disabilities or chronic illnesses and aging adults, to remain in their homes and communities and “self-direct” their own long-term home care. Our role as the nation’s largest and most experienced Financial Management Service provider is to assist those eligible Medicaid recipients to choose and pay for their own support workers and services within their state-approved personalized budget. We are appointed by states and managed healthcare organizations to better serve more of their residents and members requiring long-term care and ensure the efficient use of taxpayer funded services.

Our culture attracts and rewards people who are results-oriented and strive to exceed customer expectations. We desire motivated candidates who are excited to join our fast-paced, entrepreneurial environment, and who want to make a difference in helping transform the lives of the consumers we serve. (learn more at www.publicpartnerships.com ).

Watch the " What We Do " video on our website: https://www.publicpartnerships.com/about-us/#

Duties & Responsibilities

• Analyzes reports about potential / suspected incidents, collects and analyzes technical incident information and log data, investigate, generate reports, and ensure progress on incident tickets.
• Investigates and follows through on IT security incidents in a geographically distributed environment, considering all relevant technical and non-technical stakeholders during all phases of the incident.
• Conducts risk assessments of information systems.
• Represents information security in meetings convened to evaluate new applications and software-as-a-service offerings and evaluates other IT purchases to ensure they meet security and compliance requirements.
• Investigates SIEM alerts / events for relevance, severity, and impact and escalates incidents for further investigation or remediation.
• Oversee the day-to-day technical services of the company's cybersecurity platforms, services, and deliverables.
• Provides input and guidance for developing and updating runbooks and detection rules.
• Develops and executes a cybersecurity awareness training program.
• Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.
• Reporting to the Director of Cybersecurity, the Cybersecurity Analyst is responsible for the operational and technical tasks of the PPL cybersecurity and security risk management program.
• Serves as a member of the cybersecurity incident response team.
• Monitors and validates system and service compliance with information security procedures and policies to ensure consistency of internal controls across departments.
• Works with IS and stakeholders to assess IT risk and recommend information security controls to minimize risk.
• Assists in the development and maintenance of information security policies and procedures.
• Other duties as assigned.

Required Skills

• Familiarity with automation and CI/CD pipeline using various tools like GitHub, Bitbucket, etc.
• Experience with Contributing to risk assessments and mitigation strategies for identified threats.
• Demonstrated knowledge of information security principles and best practices.
• At least 5+ years of relevant work experience in at least one of the following areas: Cybersecurity operations, Incident Response, Threat Intelligence, Threat Hunting and Digital Forensics.
• Demonstrated analytical and problem-solving abilities.
• Demonstrated knowledge of social engineering techniques and other information security threats required.
• Technical system expertise (e.g., gathered from being an IT Administrator) with relevant exposure and expertise in IT Security, in several of the following technologies: Linux and Windows operating systems, web-technologies (encryption, HTTP, REST), networking, cloud environments.
• Demonstrated ability to develop, maintain, and execute a cybersecurity awareness program.
• General knowledge and demonstrated ability to perform vendor vulnerability and security governance assessments.
• Ability to use discretion when handling confidential information.
• Experience presenting analytic conclusions and research to both technical and non-technical audiences through briefings, emails, etc.
• Experience in the following technologies - SIEMs, WAFs, IDS/IPS, anti-malware, EDR, SOAR, secure cloud access, vulnerability scanning platforms, DLP, private cloud, and open-source security frameworks.
• Working knowledge and demonstrated ability to perform risk assessments, risk impact analysis, mitigating and compensating control recommendations as applied to information security.
• General knowledge of on-premises, cloud, and mobile computing environments (e.g., Microsoft Windows, Apple Macintosh, Linux, AWS, Azure, Google), scripting languages, and security best practices.

Qualifications

• 1-2 years Windows and/or Linux server administration experience required.
• Bachelor's degree in Information Systems, Computer Science, or related field preferred; combination of equivalent experience and education will be considered.
• 1-2 years networking experience required.
• Certified Information Systems Security Professional (CISSP), Security+, or other security certifications preferred.
• 1-2 years of project management experience preferred.
• 4-6 years information security experience required.

Certification: Azure Security Engineer Associate, CISSP

Compensation & Benefits

• Generous Paid Time Off
• Employee Assistance Program and more!
• 401k Retirement Plan
• Medical, Dental and Vision insurance on first day of employment
• The base pay listed may vary depending on skills, experience, job-related knowledge, and location. Certain positions may also be eligible for a performance-based incentive as part of total compensation.
• Tuition Reimbursement Program

Public Partnerships is an Equal Opportunity Employer dedicated to celebrating diversity and intentionally creating a culture of inclusion. We believe that we work best when our employees feel empowered and accepted, and that starts by honoring each of our unique life experiences. At PPL, all aspects of employment regarding recruitment, hiring, training, promotion, compensation, benefits, transfers, layoffs, return from layoff, company-sponsored training, education, and social and recreational programs are based on merit, business needs, job requirements, and individual qualifications. We do not discriminate on the basis of race, color, religion or belief, national, social, or ethnic origin, sex, gender identity and/or expression, age, physical, mental, or sensory disability, sexual orientation, marital, civil union, or domestic partnership status, past or present military service, citizenship status, family medical history or genetic information, family or parental status, or any other status protected under federal, state, or local law. PPL will not tolerate discrimination or harassment based on any of these characteristics.

PPL does not discriminate based on race, color, religion, or belief, national, social, or ethnic origin, sex, gender identity and/or expression, age, physical, mental, or sensory disability, sexual orientation, marital, civil union, or domestic partnership status, protected veteran status, citizenship status, family medical history or genetic information, family or parental status, or any other status protected under federal, state, or local law.