Job Description

The Information security analyst will be responsible for supporting security protocols related to Regional Enterprises Inc’s information infrastructure and network. They work with system administrators to track down security vulnerabilities in the information sharing network to ensure that such weaknesses in the system are addressed and remedied efficiently. Analyst to work continuously on security measures and applications designed to mitigate the risk of malicious intrusion into the network's information sharing structure and internet file sharing. They monitor and upgrade malware, anti-trojan, virus detection, intrusion detection & prevention systems. Conduct analysis on the information sharing structure; and test for security vulnerabilities. Analyst to research new anti-intrusion applications and test their effectiveness against the network's and organization's security protocols and requirements. Create and implement policies, protocols, and procedures for the Organization; as well as managed campaigns testing end user security awareness. Responsible for presenting reports based on risk analysis of the information sharing network.

Location: Ashland or Hayward, Wisconsin

Knowledge, Experience, and Other Job Requirements:

Education: Bachelor’s Degree in Information Systems or Information Security, Associate Degree in Information Systems or Information Security, or other related IT Security areas is preferred. Experience in Healthcare IT preferred but not necessary.

• Experience in information security or related field 3 plus years
• Experience with computer network penetration testing and techniques.
• Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
• Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
• Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.

Core Responsibilities/Competencies:

• Monitor events, investigate potential issues, analyze the risk of identified issues, and work with appropriate teams to develop solutions to correct critical issues
• Audit access throughout systems/applications and ensure access is at appropriate levels
• Analyze systems, security controls, and event logs to detect compromised activity
• Build documentation of existing processes and exceptions based on audit findings
• Test new technologies during proofs of concept to ensure that product claims and abilities meet the company's needs
• Collaborate with team engineers and architects to ensure security of new projects
• Audit the company's security controls to ensure they are working correctly
• Build documentation of existing processes and exceptions based on audit findings
• Proficiency in operating systems (Windows, Mac, Linux/Unix, mobile), network theory/design, penetration testing, endpoint security monitoring, coding and scripting, reverse engineering of malware, enterprise risk methodologies
• Familiarity with authoritative information security resources (the National Institute of Standards and Technology, HIPAA
• Install, upgrade, maintain all security investments at REI; research and develop new strategies
• Work with Security Partners on Penetration tests annually
• Work with Security Partners on Security Information and Event Management System
• Analyze IT requirements and provide objective advice on the use of IT security requirements for all REI systems
• Gather feedback from end users to continue to improve systems
• Design, analyze and implement efficient IT security systems
• Monitor computer networks for security issues
• Investigate security breaches and other cyber security incidents
• Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs
• Document security breaches and assess the damage they cause
• Contribute to the Development of company-wide best practices for IT security
• Advise Information System’s colleagues install security software and understand information security management
• Research security enhancements and trends making recommendations to management