Sr. It Operations Security Analyst

To effectively maintain, implement, and communicate IT Security, Disaster Recovery and

Business Continuity (DR/BC) programs and activities. Develops and maintains programs to

support the organization and IT’s strategic direction. The Sr. IT Operations Security Analyst is

responsible for the planning, communication, ongoing support, and execution of program

improvements and coordination between multiple IT programs. Leads program management for

cross-functional, internal, external, and complex programs and may directly supervise program

roles.

• Provides support and oversight of disaster recovery and business resumption exercises;
• Responsible for helping develop, produce, and maintain IT Security, DR/BC Program
• Objectives and keeps projects within cost, scope, schedule, and resource requirements.
• Identifies and actively manages program issues by elevating to leadership appropriately to
• Mitigate risks in a timely manner.
• Organization, and stakeholders.
• Organization’s emergency alert platform.
• Manages and provides supervisory support for programs involving departmental and
• Participates in audits and regulatory inquiries as necessary.
• Multiple functional areas.
• Policies and procedures, standards, and guidelines.
• Tracks and monitors remediation of any issues resulting from DR/BC recovery testing.
• Maintains employee contact information for the DR/BC Plan recovery teams within the
• May supervise and provide guidance to staff as assigned.
• Leads special projects for IT leadership.
• Resources related to IT Security, Business Continuity, and Disaster Recovery; attend
• Other duties as assigned.
• Utilizes improvement and program management expertise to ensure programs deliver
• Emergency situations.
• Continuity Plan (BCP) and Disaster Recovery Plan (DRP).
• Assists with the day-to-day incident and problem management areas supporting the Business
• Creates and oversees IT Cyber Security Training and Awareness Program activities.
• Assists recovery support and business staff during a disaster; act as a coordinator during
• Helps plan and coordinate the testing of recovery services and business support for
• Recovery plans.
• External stakeholders.
• And IT.
• Works with executive, business, and IT leadership teams to develop and maintain viable
• Practices with an emphasis on achieving high-value outcomes for the department,
• Appropriate vendor meetings and conferences, as required.
• Conducts regular simulated social engineering tests using PHC’s simulated phishing tool.
• Stay abreast of current continuity standards, best practices, technologies, and other
• Works directly with leadership teams to develop effective, high-quality programs best
• Oversees the tracking of tasks, timelines, and resources necessary to meet department
• Maintenance of all IT security policies and IT-related portions of the PHC Business
• Outcomes that continuously meet business and stakeholder needs.
• Responsible for the management, development, testing, auditing, and ongoing
• Assists with security breaches and other cybersecurity incidents.
• Creates monthly and quarterly Cyber Security Performance Reports.

Educationand Experience

Bachelor’s degree in Information Technology or Business

Administration, Business Management; at least five (5) years of relevant

program management experience required. In lieu of a degree, a

minimum of eight (8) years of relevant experience including a minimum

of five (5) years of program management experience will be considered.

Minimum two-four (3-5) years of experience in disaster recovery and

business continuity planning. Experience managing program teams with

multiple position levels. Demonstrated proficiency in managing and

coordinating recovery plans from a technical and business process

perspective.

SpecialSkills,Licenses,and Certifications

Critical thinking, strong organization skills with the ability to prioritize

assignments and manage time effectively. Effective communication

skills, both verbal and written, to interpret and articulate project

requirements to involved stakeholders. Excellent attention to detail and

listening skills are required. Experience maintaining HIPAA compliance

standards is a strong plus. The ability to manage and coordinate multiple

tasks on multiple projects with multiple people is a must. Relevant

information security certifications (e.g., CISSP, CISA, CISM, CRISC,

CBCP, or GIAC) are preferred but not required. Project/ program

management certifications are desirable but not required (e.g. PMP,

CAPM).

PerformanceBasedCompetencies

Ability to quickly acquire in-depth knowledge of HealthPlan’s

infrastructure and managed care issues. Ability to self-manage and

develop timelines for projects required. Ability to work effectively with

members and employees at all levels in the organization. Ability to

maintain complete confidentiality of member, employee, and HealthPlan

information. Strong written and oral communication skills with ability to

interpret and understand technical requirements. Excellent analytical

skills to troubleshoot and resolve systems problems.

Work Environment And Physical Demands

More than 80% of work time is spent in front of a computer monitor. May

be required to lift, carry, or move equipment of varying sizes, weighing

up to 25 lbs. May be required to bend, stoop, kneel, crawl, or work in

other non-standing and non-sitting positions to install cabling, systems

hardware, and other related equipment.