• IT Security Analyst

    Job Locations US-CA-Whittier
    Requisition ID
    Posted Date
    1 month ago(6/11/2018 3:14 PM)
    Information Technology
  • Overview


    Welcome to Allscripts! Our Mission is to be the most trusted provider of innovative solutions that empower all stakeholders across the healthcare continuum to deliver world-class outcomes. Our Vision is a Connected Community of Health that spans continents and borders. With the largest community of clients in healthcare, Allscripts is able to deliver an integrated platform of clinical, financial, connectivity and information solutions to facilitate enhanced collaboration and exchange of critical patient information.


    The primary purpose of the IT Security Analyst role is to provide support for front-line monitoring and analysis of data feeds from many different security tools, threat monitoring programs, and risk sources throughout PIH Health System in Whittier, CA. The Security Operations team has the mission to implement and operate the security solutions and processes that protect the confidentiality, integrity and availability of PIH Health’s data. 


    • Accountable for monitoring data threads from myriad security tools, correlating those data feeds into a cohesive picture, then performing analysis to determine if the data is a false positive or indications of an external/internal attack or evidence of accidental system access.
    • Also accountable for alerting senior staff when system parameters do not fall within established limits, then taking rapid steps to stop an attack under the (perhaps remote) supervision of senior security team.
    • Assist others in the assimilation of data from these various feeds and rapidly determining if the collection of data points is evidence of a direct attack, a rogue actor attempting to find vulnerabilities in the systems, or false alarms based on unusual behavior patterns.
    • Monitor outputs from audit tools and must be an effective and efficient communicator to follow the abnormal data points back to a root cause.
    • Alert multiple individuals high up in the chain of command and/or take rapid steps to block the exfiltration of sensitive information from our data centers.
    • Run scans of our software (source code) and work with teams to identify all suspected vulnerabilities, then classify them according to risk.
    • Work with the teams to document the scan results and follow-up with corrective action plans designed by Engineers and Architects.





    Academic and Professional Qualifications:

    •  B.S. in Computer Related Field desired 



    Core Requirements: Must have experience in the following areas:

    • 4 years of security expert in network or application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls.
    • Knowledge of current IT security laws and security frameworks.

    Preferred Requirements:

    • Experience monitoring IT Security devices, including firewalls, intrusion detection/ prevention systems (IDS/IPS), data loss prevention systems (DLP), web services, email security, vulnerabilities and software patch maintenance.
    • Experience assessing and prioritizing security alerts from various solutions including antivirus, advanced endpoint protection, firewalls and others.
    • Experiencing performing risk assessments of new hardware and software being introduced into the IT environment. This includes reviewing responses to an IT questionnaire, SOC report analysis and writing up security implementation requirements and their subsequent validation.
    • Experience managing vulnerability scanning operations, including reporting and remediation.
    • Experience coordinating annual enterprise and/or IT risk assessments, Meaningful Use / MACRA assessments, and penetration testing activities being performed by third parties on behalf of the organization and coordinating the remediation of vulnerabilities found during testing.
    • Experience reviewing and recommending security controls to ensure that information resources are properly and consistently protected, regardless of their location, form, or supporting technologies, such as BioMed systems and vendor-supported software and systems.
    • Experience in forensic investigations/analysis, including collaboration with internal and external agencies and offices, as needed.
    • Experience working with Technical Services teams to review configuration changes that could affect high-risk public-facing systems, such as web servers, email systems, and secure file transfer systems.
    • Experience in a rapidly-changing, mission-critical, highly-regulated medium-sized enterprise.
    • Excellent time management and prioritization skills.
    • A dedication and focus on customer-service.
    • Able to work alone or as part of a team equally well.
    • Thrives in a culture of accountability.
    • Owns issues to resolution.
    • Excellent problem resolution approaches and critical thinking skills.
    • Deftly balances time between projects and operations.
    • Performs on-call duties as assigned.
    • Works well with offshore teams.


    • CISA desired


    Travel Requirements:

    •  10%


    Working Arrangements:

    • Work is performed in a standard office environment with minimal exposure to health or safety hazards


    At Allscripts, our greatest strength comes from bringing together talented people with diverse perspectives to support the technology needs of 180,000 physicians, 1,500 hospitals and 10,000 post-acute organizations across the globe. Allscripts offers a comprehensive compensation and benefits package, including holidays, vacation, medical, dental, and vision insurance, company paid life insurance and retirement savings.


    Allscripts policy is to provide equal employment opportunity and affirmative action in all of its employment practices without regard to race, color, religion, sex, national origin, ancestry, marital status, protected veteran status, age, individuals with disabilities, sexual orientation or gender identity or expression or any other legally protected category. Applicants for North American based positions with Allscripts must be legally authorized to work in the United States or Canada. Verification of employment eligibility will be required as a condition of hire.


    From a "VEVRAA Federal Contractor" We request Priority Referral of Protected Veterans


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with Allscripts for future communications and career opportunities.