Lead Security Analyst

At Memorial Hermann, we pursue a common goal of delivering high quality, efficient care while creating exceptional experiences for every member of our community. When we say every member of our community, that includes our employees. We know that when our employees feel cared for, heard and valued, they are inspired to create moments that exceed expectations, while prioritizing safety, compassion, personalization and efficiency. If you want to advance your career and contribute to our vision of creating healthier communities, now and for generations to come, we want you to be a part of our team.

Job Summary

We are looking for a dynamic individual to join our Identity and Access Management (IAM) team. As an IAM lead Security analyst, this position will be responsible for the planning , engineering & development, and execution throughout the lifecycle of one or more software solutions within a business domain.

This includes creating and prioritizing product and business requirements and working closely with business and technology teams to ensure business stakeholder and end user satisfaction goals are met. He or she will ideate and develop requirements and concepts for product enhancements in support of business and technology needs.

• Key Responsibilities:
• Identity Access Management:
o Support and map out the IAM environment identifying areas for improvement and ensuring seamless integration of IAM tools.
o Engineering & custom development of IGA features and application connectors.
o Use out-of-box capabilities and custom connectors , development, and solutions for application onboarding.
o Provide troubleshooting and technical support, diagnose, and resolve issues.
o Design and improve IGA workflows, ensuring alignment with compliance, security policies, and business goals.
o Develop IGA strategies and roadmaps, ensuring they align with enterprise-level security frameworks and future needs.

• Requirements Gathering:
o Lead the requirements gathering process for IAM projects, providing technical support and consultation, working closely with stakeholders to understand and document their needs.
o Analyze the current IAM environment, identify gaps, and suggest improvements to optimize access control, authentication, and user provisioning processes.

• Environment Mapping:
o Develop detailed mappings of the IAM environment, identifying areas for improvement and ensuring seamless integration of IAM tools.
• Stakeholder Collaboration:
o Work with various teams, including IT, cyber security, and cyber risk/compliance, to ensure the IAM environment supports business objectives and regulatory requirements.
• Project Management & Support:
o Facilitate the implementation of IAM solutions, including access governance, role-based access control (RBAC), and single sign-on (SSO) systems
• Documentation & Reporting:
o Create and maintain IAM-related documentation, including user guides, process flows, and technical specifications
• Performs other reasonable duties as required and assigned for this position.

Job Description

Minimum Qualifications Education: Bachelors degree preferred or equivalent experience Licenses/ Certifications: One (1) active security certification (example: CISSP, GIAC, CISA, CISM) Experience / Knowledge / Skills:

• Seven (7) years experience in information security and/or IT auditing Three(3) years of experience in providing security solutions to large network environment (15,000+ node network)

• Strong knowledge of security tools including firewalls, IPS, IDS, encryption, SEIM, vulnerability scanners and other security tools

• Three years of at least two security tool(s) technology at an in-depth level (firewalls, IPS, IDS, encryption, SEIM, vulnerability scanners, content filtering)

• Strong understanding of the conceptual basics of all topologies and protocols in the OSI model

• Strong understanding of Active Directory, networking and database systems

• Strong understanding of risk assessment processes and procedures Record of leading in designing, configuring, troubleshooting and maintaining new security processes and security technologies. (firewall, IPS, IDS, content filtering deployments, Snort, eEye Retina, Nessus, nMap, zixMail or McAfee Endpoint Encryption suite)

• Record of leading information system risk assessments either technical or procedural

• Record of developing and implementing information security policies and procedures

• Strong knowledge of hubs, switches, and routers X knowledge and work experience with Cisco network devices (L2 and L3), large scale ACL management, Microsoft Windows, Unix/Linux, intrusion prevention systems (IPS), application and packet inspection firewalls and denial of service (DoS) technologies

• Generic server load balancer (SLB) knowledge (F5, Cisco ACE, Squid, etc) - Preferred

• Experience evaluating large enterprise security architectures Experience with analyzing and troubleshooting network sessions using sniffer tools such as tcpdump, snoop and WireShark

• Demonstrated pattern of growth in ability to lead others

• Knowledge of Federal and State security regulation – HIPAA/PCI/HITECH/ etc. • Experience with Denial of Service (DoS) mitigation technologies Experience working with centralized authentication / authorization services such as Radius, TACACs, and RSA SecurID

• Current knowledge of security threats, attack methodologies, security principles, best practices, and evasion techniques

• Excellent planning, documentation and organizational skills

• Excellent problem solving skills Possess good communication and interpersonal skills to work successfully in a team environment

• Strong customer service skills Principal Accountabilities Leads in the research, installation, configuration, implementation, troubleshooting and maintenance of security systems and services.

• Leads in performing risk assessment of information assets including: information systems, biomedical systems and data centers.

• Performs vulnerability and penetration testing for internal, external and web applications. Develops new and improves upon existing information security risk assessment methodologies.

• Perform policy reviews and updates information security policies and identifies new policy requirements.

• Leads in implementing controls and procedures to protect information systems from unauthorized or accidental modification, disclosure, or destruction, under the guidance of Senior/Lead Security Analysts or Management.

• Provides unassisted support to application owners, project manager, vendors, and end users.

• Works on teams and provide task completion for all levels of projects.

• Accountable for setting, meeting and overseeing project timelines.

• Develops technical and documentation standards.

• Responsible for designing and planning of complex security systems or services.

• Provides guidance and mentoring to Security Analyst(s).

• Provide status updates to Information Security management on the results of risk assessments.

• Provides subject matter expertise in the design of security processes and mechanisms for applications and operating systems.

• Researches and makes recommendations regarding the acquisition of new security tools and technology.

• Assists in developing and providing on-going training for security analysts. Responsible for covering a 7x24 shift of on call support rotating which is rotated weekly among the Information Security Risk Management team.

• Ensures safe care to patients, staff and visitors; adheres to all Memorial Hermann policies, procedures, and standards within budgetary specifications including time management, supply management, productivity and quality of service.

• Promotes individual professional growth and development by meeting requirements for mandatory/continuing education, skills competency, supports department-based goals which contribute to the success of the organization; serves as preceptor, mentor, and resource to less experienced staff.

• Demonstrates commitment to caring for every member of our community by creating compassionate and personalized experiences. Models Memorial Hermann’s service standards by providing safe, caring, personalized and efficient experiences to patients and colleagues.

• • Other duties as assigned.