IT Security Analyst in New York

New York, New York
Opportunity Type
US$ 145,000 - US$ 165,000 per year
Reference number
Ian Adelstein, Tatum Executive Services
Apply now

Opportunity Description

Information Security Analyst

Seeking an experienced Information Security professional to both enhance and maintain the security posture on the enterprise IT architecture. The Information Security Analyst will be responsible for implementing, managing and upgrading various endpoint and network security controls. The Information Security Analyst will be also be primarily responsible managing cyber security incidents and active threat hunting in the environment. The Information Security Analyst must possess the ability to work with business, clinical, IT and other professionals in communicating and resolving IT security incidents and deficiencies within the architecture.

The Information Security Analyst will report to the Chief Information Security Officer (CISO) and will also be required at times to report upstream to the Chief Technical Officer (CTO) and the Chief Information Officer (CIO).


  • Perform Computer Security Incident Response activities, coordinates with other departments to record, resolve, and report incidents
  • Ensure all security logs are being fed into monitoring systems
  • Validate security baseline and patching on an ongoing basis.
  • Daily management and upkeep of endpoint & network security tools such as Anti-Virus, Encryption, Data Loss Prevention, Intrusion Prevention Systems, Web/Email Proxy.
  • Conduct quarterly cyber security incident tabletop exercises.
  • Provide vulnerability assessment, validate security patching and implement countermeasures.
  • Review audit findings, and manage collection of responses and remediation plans
  • Provide tier 2 and tier 3 level security incident response and breach management.
  • Provide day to day security guidance for all IT activities including system development life cycle (SDLC), Asset Management, Change/Configuration Management, Business Continuity Planning/Disaster Recovery and Identity & Access Management.
  • Create security documentation including policies, procedures, plans, and standards to meet Governmental and Industrial security requirements (HIPAA, NIST, PCI, etc.).
  • Will assist the Information Security Architect in evaluating and implementing new IT security solutions and support Hospital's existing security technologies, such as Virtual Private Networks (VPNs), routers, firewalls, Intrusion Detection/Prevention Systems (IDS/IPS), Endpoint Security Solutions, Network Access Control (NAC), Data Loss Prevention (DLP), Identity Management and Certification Authorities (CAs), and in authoring documentation.
  • Perform Security Impact Assessments for Change Requests as well as new software/hardware/vendor requests.
  • Maintain and disseminate current knowledge of the latest Information Security trends.


  • Candidate should have 5+ years of experience in the following areas: Network, Endpoint, Application, Web and Database Security
  • Must have experience investigating and responding to cyber security incidents
  • Must have foundational knowledge in one ore more of the following technologies/domains - Windows, Networking, Databases or Web Servers
  • A thorough understanding of TCP/IP fundamentals
  • Healthcare IT experience is highly desirable.
  • Bachelor's degree required
  • CISSP or equivalent certification required.
  • Demonstrated success in working with multiple teams from different disciplines, communicate technical concepts, issues and concerns with non-technical parties, prioritizing issues and resolving conflicts.
  • Must possess strong oral, written and non-verbal communication skills as well as the ability to foster and enhance professional working relationships.
  • Self-motivated and detail-oriented; a team player who is analytical and focused on achieving IT security goals while providing Hospital staff the ability to provide safe, high quality care for all of its patients.

Elements of a Successful Candidate

  • Driven to expand on current healthcare IT security knowledge and expertise.
  • Ability to monitor and synthesize data, identify trends and insights and make recommendations based on rational thinking.
  • Demonstrated cultural competence and ability to interface with a diverse, multi-cultural population; diplomatic and discreet; socially, culturally and politically astute.
  • Committed to improving quality and service and maintains a spirit of cooperation and respect.

Apply now