Job Details
Information Security Analyst (Intermediate)
**Company :**
enGen
**Job Description :**
**JOB SUMMARY**
**About Highmark Health:** At Highmark Health, we believe in a world where everyone has access to the best health. We are an integrated delivery network dedicated to transforming healthcare, and our Information Security team plays a critical role in safeguarding our mission-critical assets and protected health information. Join us in building a resilient and secure future.
**The Opportunity:** We are seeking an adaptive, data-driven **Information Security Analyst** to join our dynamic **Vulnerability Management** team. This isn't just about identifying technical vulnerabilities; it's about strategic risk prioritization and proactive defense of our most vital assets. You will be a key player in integrating newly acquired infrastructure, resolving "Redline" risks through advanced telemetry and automated orchestration, and ensuring security is a true business enabler.
If you thrive in a fast-paced environment, understand that security is a business enabler, and are passionate about defending critical systems, we encourage you to apply!
**What You Will Do:**
+ **Strategic Risk Orchestration:** Move beyond traditional CVSS-based patching. Leverage our proprietary methodology to transform millions of raw vulnerabilities into a prioritized, actionable resolution queue, focusing on the highest impact risks.
+ **Operational Asset Discovery & Contextualization:** Serve as a detective for our attack surface. Correlate data from on-premise, cloud, and vendor systems to identify "Crown Jewel" assets and "Operational Core" systems, ensuring business context drives every remediation priority.
+ **M&A Cyber Integration:** Act as a technical security expert for acquisitions. Perform rapid risk assessments of newly acquired infrastructure, identifying technical debt and "Patient Zero" vulnerabilities (e.g., Unattributed KEVs) before integration into the corporate network.
+ **Workflow & Lifecycle Management:** Support the end-to-end remediation pipeline within ServiceNow SecOps. Manage the orchestration between automated discovery and manual resolution, ensuring high-velocity threats like Ransomware and Weaponized exploits are mitigated within strict, evidence-based Service Level Objectives (SLOs).
+ **Governance & RAID Advocacy:** Proactively manage the team's RAID Log (Risks, Assumptions, Issues, Dependencies). Identify and escalate "blockers" - process or technical dependencies - that could impact our security posture or project timelines.
+ **Remediation Partnership & Diplomacy:** Act as a bridge between Security and IT Operations. Participate in remediation forums, providing technical rationales and impact data to help teams prioritize security tasks alongside their operational roadmaps.
+ **Telemetry Integrity:** Monitor the efficacy of our scanning agents and API integrations to ensure 100% visibility across all public clouds and on-premises segments.
**What You Will Bring:**
+ **Experience:** 1-3 years of experience in Information Security, Vulnerability Management, or Risk Advisory.
+ **Vulnerability Frameworks:** Proven experience with attack characteristics & mapping, vulnerability advisories or catalogs, and dynamic risk-based prioritization.
+ **Tech Stack Proficiency:** Hands-on experience with enterprise vulnerability scanners (e.g., Rapid7, Crowdstrike, Asimily, Defender) and cloud security tools.
+ **Governance & Compliance:** Understanding of healthcare and government mandates (e.g., PCI, NYDFS, CMS, HIPAA, NIST CSF, or NIST 800-53).
+ **Operational Awareness:** Experience performing Business Impact Analysis (BIA) or mapping "Critical to Operations" (CTO) dependencies.
**Skills & Abilities:**
+ **Analytical Mindset:** Ability to correlate "unattributed" threats with specific business impact using advanced scoring frameworks like CVSS v4.0 or EPSS.
+ **Cloud & IoT Savvy:** Comfortable identifying risk in ephemeral cloud workloads (e.g., Azure) and legacy medical/IoT devices that cannot be traditionally patched.
+ **Systems Thinking:** Understand how delays in one process create downstream risks in the security pipeline.
+ **Agile Documentation:** Proficiency in maintaining RAID logs and project tracking in a fast-paced environment.
+ **Interpersonal Diplomacy:** Ability to drive remediation while maintaining strong partnerships with "Critical Ops" teams.
+ **Technical Breadth:** Knowledge of secure SDLC best practices, network security architecture, and virtualization security.
**Why Highmark Health?** We offer a challenging and rewarding environment where your contributions directly impact the health and well-being of millions. You'll work with cutting-edge technologies, collaborate with passionate professionals, and have opportunities for continuous learning and career growth.
**ESSENTIAL RESPONSIBILITIES**
+ Perform operational support of information security technology.
+ Perform analysis and resolve problems regarding information security.
+ Complete project tasks to enable the on time, within budget and scope delivery of information security projects.
+ Present new and existing information security information to workforce and management.
+ Assist in incident response procedures.
+ Assist Change Management.
+ Assist in conducting application risk assessments against Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry (PCI).
+ Assure compliance to required standards, procedures, guidelines and processes.
+ Other duties as assigned or requested.
**EDUCATION**
**Required**
+ Bachelor's Degree - Information Security, Information Systems, Information Assurance, Computer Science or related field
**Substitutions**
+ 5 years of Information Security, Governance, Risk and/or Compliance, Information Technology or Business Analysis
**Preferred**
+ None
**EXPERIENCE**
**Required**
+ 3 - 5 years of experience with Information Security and Systems Analysis
+ 3 - 5 years of experience with Information Security and/or Information Risk Management and/or Information Technology
+ 3 - 5 years of experience with Information Security Governance, Risk and/or Compliance functions and activities
+ 3 - 5 years of experience developing, communicating and presenting Information Security and Risk Management concepts to varying audiences
+ 3 - 5 years of experience with technologies such as Intrusion Prevention Systems (IPS), firewalls, endpoint protection, web/email filtering, Data Loss Prevention (DLP), digital rights management, encryption, Security Event and Incident Management (SEIM), and virtualization platforms
**Preferred**
+ 5 - 7 years of experience with information security and systems analysis
+ Experience working within an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework
+ Experience supporting SSAE 16 or SOC 2 Security Trust Principle audits
+ IT/information security risk advisory experience
+ Governance Risk and Compliance (GRC) tool experience such as ARCHER
+ In-depth understanding of network security architecture, network and networking protocol
**LICENSES AND CERTIFICATIONS**
**Required**
+ None
**Preferred**
**Strategic Vulnerability & Cloud:**
+ **GEVA** (GIAC Enterprise Vulnerability Assessor): Specifically for candidates who understand enterprise-scale vulnerability life cycles beyond just running a scan.
+ **CompTIA CySA+** (Cybersecurity Analyst): This is the gold standard for intermediate analysts focusing on behavioral analytics and threat detection.
+ **AWS:** AWS Certified Security - Specialty (SCS-C02)
+ **Azure:** Microsoft Azure Security Engineer Associate (AZ-500)
+ **GCP:** Google Professional Cloud Security Engineer
+ **Oracle:** OCI Security Professional
+ **OpenShift: Red Hat Certified Specialist in OpenShift Advanced Cluster Security (EX430) CCSK** (Certificate of Cloud Security Knowledge): Provides the governance and architectural foundation for cloud-native risk management.
+ **FIRST.org CVSS v4.0 Training** : Demonstrates they are current on the newest vulnerability scoring standards (crucial for your "Redline" resolution).
**Preferred (Vulnerability & Workflow):**
+ **ServiceNow:** Certified Implementation Specialist - Vulnerability Response (CIS-VR)
+ **Vulnerability:** GIAC Enterprise Vulnerability Assessor (GEVA) or CySA+ **IoT/IoMT:** GIAC Medical Equipment Security (GIME) or GICSP
+ **Cloud Agnostic:** Certificate of Cloud Security Knowledge (CCSK)
+ **CISA ICS/SCADA Training:** Completion of CISA's specialized Industrial Control Systems curriculum.
+ **ISACA CISA (Certified Information Systems Auditor):** Highly valued for the "Regulatory Lens" and auditing complex IoT/IoMT compliance.
**SKILLS**
+ Knowledge of HITRUST CSF, NIST 800-83 cyber security framework, PCI, HIPAA, HITECH, COBIT, ISO 27001/2, and ITIL 3
+ Knowledge of NIST Risk Assessment methodology
+ Familiarity with secure SDLC best practices
+ Knowledge of Microsoft Apps and Suites, Windows server, SharePoint, etc.
+ Strong teamwork and inter-personal skills
**LANGUAGE REQUIREMENT (Other than English)**
None
**TRAVEL REQUIREMENT**
0 %- 25%
**PHYSICAL, MENTAL DEMANDS AND WORKING CONDITIONS**
**Position Type**
Office-Based
Teaches/Trains others regularly
Occasionally
Travels regularly from the office to various work sites or from site-to-site
Occasionally
Works primarily out-of-the office selling products/services (Sales employees)
Does Not Apply
Physical Work Site Required
Yes
Lifting: up to 10 pounds
Does Not Apply
Lifting: 10 to 25 pounds
Does Not Apply
Lifting: 25 to 50 pounds
Does Not Apply
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement:_** _This position adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy. Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements.
**Pay Range Minimum:**
$67,500.00
**Pay Range Maximum:**
$126,000.00
_Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.
For accommodation requests, please contact HR Services Online at HRServices@highmarkhealth.org
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J276632
enGen
**Job Description :**
**JOB SUMMARY**
**About Highmark Health:** At Highmark Health, we believe in a world where everyone has access to the best health. We are an integrated delivery network dedicated to transforming healthcare, and our Information Security team plays a critical role in safeguarding our mission-critical assets and protected health information. Join us in building a resilient and secure future.
**The Opportunity:** We are seeking an adaptive, data-driven **Information Security Analyst** to join our dynamic **Vulnerability Management** team. This isn't just about identifying technical vulnerabilities; it's about strategic risk prioritization and proactive defense of our most vital assets. You will be a key player in integrating newly acquired infrastructure, resolving "Redline" risks through advanced telemetry and automated orchestration, and ensuring security is a true business enabler.
If you thrive in a fast-paced environment, understand that security is a business enabler, and are passionate about defending critical systems, we encourage you to apply!
**What You Will Do:**
+ **Strategic Risk Orchestration:** Move beyond traditional CVSS-based patching. Leverage our proprietary methodology to transform millions of raw vulnerabilities into a prioritized, actionable resolution queue, focusing on the highest impact risks.
+ **Operational Asset Discovery & Contextualization:** Serve as a detective for our attack surface. Correlate data from on-premise, cloud, and vendor systems to identify "Crown Jewel" assets and "Operational Core" systems, ensuring business context drives every remediation priority.
+ **M&A Cyber Integration:** Act as a technical security expert for acquisitions. Perform rapid risk assessments of newly acquired infrastructure, identifying technical debt and "Patient Zero" vulnerabilities (e.g., Unattributed KEVs) before integration into the corporate network.
+ **Workflow & Lifecycle Management:** Support the end-to-end remediation pipeline within ServiceNow SecOps. Manage the orchestration between automated discovery and manual resolution, ensuring high-velocity threats like Ransomware and Weaponized exploits are mitigated within strict, evidence-based Service Level Objectives (SLOs).
+ **Governance & RAID Advocacy:** Proactively manage the team's RAID Log (Risks, Assumptions, Issues, Dependencies). Identify and escalate "blockers" - process or technical dependencies - that could impact our security posture or project timelines.
+ **Remediation Partnership & Diplomacy:** Act as a bridge between Security and IT Operations. Participate in remediation forums, providing technical rationales and impact data to help teams prioritize security tasks alongside their operational roadmaps.
+ **Telemetry Integrity:** Monitor the efficacy of our scanning agents and API integrations to ensure 100% visibility across all public clouds and on-premises segments.
**What You Will Bring:**
+ **Experience:** 1-3 years of experience in Information Security, Vulnerability Management, or Risk Advisory.
+ **Vulnerability Frameworks:** Proven experience with attack characteristics & mapping, vulnerability advisories or catalogs, and dynamic risk-based prioritization.
+ **Tech Stack Proficiency:** Hands-on experience with enterprise vulnerability scanners (e.g., Rapid7, Crowdstrike, Asimily, Defender) and cloud security tools.
+ **Governance & Compliance:** Understanding of healthcare and government mandates (e.g., PCI, NYDFS, CMS, HIPAA, NIST CSF, or NIST 800-53).
+ **Operational Awareness:** Experience performing Business Impact Analysis (BIA) or mapping "Critical to Operations" (CTO) dependencies.
**Skills & Abilities:**
+ **Analytical Mindset:** Ability to correlate "unattributed" threats with specific business impact using advanced scoring frameworks like CVSS v4.0 or EPSS.
+ **Cloud & IoT Savvy:** Comfortable identifying risk in ephemeral cloud workloads (e.g., Azure) and legacy medical/IoT devices that cannot be traditionally patched.
+ **Systems Thinking:** Understand how delays in one process create downstream risks in the security pipeline.
+ **Agile Documentation:** Proficiency in maintaining RAID logs and project tracking in a fast-paced environment.
+ **Interpersonal Diplomacy:** Ability to drive remediation while maintaining strong partnerships with "Critical Ops" teams.
+ **Technical Breadth:** Knowledge of secure SDLC best practices, network security architecture, and virtualization security.
**Why Highmark Health?** We offer a challenging and rewarding environment where your contributions directly impact the health and well-being of millions. You'll work with cutting-edge technologies, collaborate with passionate professionals, and have opportunities for continuous learning and career growth.
**ESSENTIAL RESPONSIBILITIES**
+ Perform operational support of information security technology.
+ Perform analysis and resolve problems regarding information security.
+ Complete project tasks to enable the on time, within budget and scope delivery of information security projects.
+ Present new and existing information security information to workforce and management.
+ Assist in incident response procedures.
+ Assist Change Management.
+ Assist in conducting application risk assessments against Health Insurance Portability and Accountability Act (HIPAA) and Payment Card Industry (PCI).
+ Assure compliance to required standards, procedures, guidelines and processes.
+ Other duties as assigned or requested.
**EDUCATION**
**Required**
+ Bachelor's Degree - Information Security, Information Systems, Information Assurance, Computer Science or related field
**Substitutions**
+ 5 years of Information Security, Governance, Risk and/or Compliance, Information Technology or Business Analysis
**Preferred**
+ None
**EXPERIENCE**
**Required**
+ 3 - 5 years of experience with Information Security and Systems Analysis
+ 3 - 5 years of experience with Information Security and/or Information Risk Management and/or Information Technology
+ 3 - 5 years of experience with Information Security Governance, Risk and/or Compliance functions and activities
+ 3 - 5 years of experience developing, communicating and presenting Information Security and Risk Management concepts to varying audiences
+ 3 - 5 years of experience with technologies such as Intrusion Prevention Systems (IPS), firewalls, endpoint protection, web/email filtering, Data Loss Prevention (DLP), digital rights management, encryption, Security Event and Incident Management (SEIM), and virtualization platforms
**Preferred**
+ 5 - 7 years of experience with information security and systems analysis
+ Experience working within an information security function using the HITRUST Common Security Framework (HITRUST CSF), or the NIST 800-83 cyber security framework
+ Experience supporting SSAE 16 or SOC 2 Security Trust Principle audits
+ IT/information security risk advisory experience
+ Governance Risk and Compliance (GRC) tool experience such as ARCHER
+ In-depth understanding of network security architecture, network and networking protocol
**LICENSES AND CERTIFICATIONS**
**Required**
+ None
**Preferred**
**Strategic Vulnerability & Cloud:**
+ **GEVA** (GIAC Enterprise Vulnerability Assessor): Specifically for candidates who understand enterprise-scale vulnerability life cycles beyond just running a scan.
+ **CompTIA CySA+** (Cybersecurity Analyst): This is the gold standard for intermediate analysts focusing on behavioral analytics and threat detection.
+ **AWS:** AWS Certified Security - Specialty (SCS-C02)
+ **Azure:** Microsoft Azure Security Engineer Associate (AZ-500)
+ **GCP:** Google Professional Cloud Security Engineer
+ **Oracle:** OCI Security Professional
+ **OpenShift: Red Hat Certified Specialist in OpenShift Advanced Cluster Security (EX430) CCSK** (Certificate of Cloud Security Knowledge): Provides the governance and architectural foundation for cloud-native risk management.
+ **FIRST.org CVSS v4.0 Training** : Demonstrates they are current on the newest vulnerability scoring standards (crucial for your "Redline" resolution).
**Preferred (Vulnerability & Workflow):**
+ **ServiceNow:** Certified Implementation Specialist - Vulnerability Response (CIS-VR)
+ **Vulnerability:** GIAC Enterprise Vulnerability Assessor (GEVA) or CySA+ **IoT/IoMT:** GIAC Medical Equipment Security (GIME) or GICSP
+ **Cloud Agnostic:** Certificate of Cloud Security Knowledge (CCSK)
+ **CISA ICS/SCADA Training:** Completion of CISA's specialized Industrial Control Systems curriculum.
+ **ISACA CISA (Certified Information Systems Auditor):** Highly valued for the "Regulatory Lens" and auditing complex IoT/IoMT compliance.
**SKILLS**
+ Knowledge of HITRUST CSF, NIST 800-83 cyber security framework, PCI, HIPAA, HITECH, COBIT, ISO 27001/2, and ITIL 3
+ Knowledge of NIST Risk Assessment methodology
+ Familiarity with secure SDLC best practices
+ Knowledge of Microsoft Apps and Suites, Windows server, SharePoint, etc.
+ Strong teamwork and inter-personal skills
**LANGUAGE REQUIREMENT (Other than English)**
None
**TRAVEL REQUIREMENT**
0 %- 25%
**PHYSICAL, MENTAL DEMANDS AND WORKING CONDITIONS**
**Position Type**
Office-Based
Teaches/Trains others regularly
Occasionally
Travels regularly from the office to various work sites or from site-to-site
Occasionally
Works primarily out-of-the office selling products/services (Sales employees)
Does Not Apply
Physical Work Site Required
Yes
Lifting: up to 10 pounds
Does Not Apply
Lifting: 10 to 25 pounds
Does Not Apply
Lifting: 25 to 50 pounds
Does Not Apply
**_Disclaimer:_** _The job description has been designed to indicate the general nature and essential duties and responsibilities of work performed by employees within this job title. It may not contain a comprehensive inventory of all duties, responsibilities, and qualifications required of employees to do this job._
**_Compliance Requirement:_** _This position adheres to the ethical and legal standards and behavioral expectations as set forth in the code of business conduct and company policies._
As a component of job responsibilities, employees may have access to covered information, cardholder data, or other confidential customer information that must be protected at all times. In connection with this, all employees must comply with both the Health Insurance Portability Accountability Act of 1996 (HIPAA) as described in the Notice of Privacy Practices and Privacy Policies and Procedures as well as all data security guidelines established within the Company's Handbook of Privacy Policies and Practices and Information Security Policy. Furthermore, it is every employee's responsibility to comply with the company's Code of Business Conduct. This includes but is not limited to adherence to applicable federal and state laws, rules, and regulations as well as company policies and training requirements.
**Pay Range Minimum:**
$67,500.00
**Pay Range Maximum:**
$126,000.00
_Base pay is determined by a variety of factors including a candidate's qualifications, experience, and expected contributions, as well as internal peer equity, market, and business considerations. The displayed salary range does not reflect any geographic differential Highmark may apply for certain locations based upon comparative markets._
Highmark Health and its affiliates prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities and prohibit discrimination against all individuals based on any category protected by applicable federal, state, or local law.
We endeavor to make this site accessible to any and all users. If you would like to contact us regarding the accessibility of our website or need assistance completing the application process, please contact the email below.
For accommodation requests, please contact HR Services Online at HRServices@highmarkhealth.org
California Consumer Privacy Act Employees, Contractors, and Applicants Notice
Req ID: J276632
Job #NLX288274161