Sr IT Security Analyst

At Houston Methodist, the Sr. IT Security Analyst position is responsible for responding to Information Technology security issues throughout the organization and managing IT Security tools used to defend Houston Methodist. Identifies security issues and supports the development of security architecture solutions and implementation plans. This position independently performs security audits and risk assessments. Provides security guidance to stakeholders throughout the organization. Interfaces with technical and non-technical end users and other internal/external groups to assist with security issues and opportunities.

Key Responsibilities

1. Deploy and manage Extended Detection and Response (XDR) solutions to enhance threat detection and response capabilities.
2. Oversee Managed Detection and Response (MDR) services to ensure effective monitoring and incident response.
3. Implement and maintain Microsoft Defender for Endpoint (MDE) solutions to protect against malware, ransomware, and other threats.
4. Monitor and analyze endpoint security alerts to identify potential security breaches.
5. Manage and optimize Security Information and Event Management (SIEM) systems for continuous monitoring and analysis of security events.
6. Monitor and troubleshoot security-related issues to ensure seamless protection and access control.
7. Conduct regular security assessments and vulnerability scans to identify and address potential risks.
8. Develop and implement risk mitigation strategies to enhance the organization’s security posture.
9. Collaborate with cross-functional teams to enhance security protocols and integrate security measures into all aspects of the organization’s operations.
10. Stay updated with the latest industry trends and best practices in security technologies.
11. Provide technical guidance and support to IT staff and end-users.

Skills

1. In-depth knowledge of XDR and MDR solutions, including configuration, management, and optimization.
2. Strong understanding of Microsoft Defender for Endpoint (MDE) tools and technologies.
3. Excellent problem-solving and troubleshooting skills.
4. Strong communication and interpersonal skills.
5. Ability to analyze complex security data and identify patterns indicative of potential threats.
6. In-depth understanding of security best practices and compliance requirements.
7. Experience in developing and implementing policies to ensure regulatory compliance.
8. Commitment to staying updated with the latest security trends, threats, and technologies.
9. Participation in ongoing training and certification programs to enhance security expertise.

PEOPLE ESSENTIAL FUNCTIONS

1. Interfaces with stakeholders throughout the organization to recommend and resolve security issues related to implementation of network, systems and applications security.
2. Utilizing a variety of channels, effectively presents security policies, procedures and awareness programs to technical and non-technical audiences across the organization.
3. Confers with management, programmers and other appropriate stakeholders to support the identification of security applications and data.
4. Mentors more junior staff and serves as role model regarding appropriate security guidelines and protocols.

SERVICE ESSENTIAL FUNCTIONS

1. Independently responds to high level, complex security requests. Proactively monitors potential threats. Prioritizes request tickets.
2. Provides guidance, recommendations and documented security configurations for implementation of security tools and processes.
3. Independently identifies security issues. Resolves as appropriate and makes recommendations for solutions to department management and stakeholders.
4. Supports the definition of security frameworks for existing and new systems and the implementation of new security procedures as appropriate.

QUALITY/SAFETY ESSENTIAL FUNCTIONS

1. Performs security audits and risk assessments. Maintains and updates necessary documentation to support security strategies by outlining requirements and benefits of specific security tools and solutions. This includes diagrams, security standards and disaster recovery plans. Makes recommendations for improvements.
2. Applies advanced security skills and expertise to independently design, develop, deploy, monitor, maintain and control the suite of tools used by the Information security team to protect Methodist's assets.
3. Efficiently manages assigned projects. Provides up to date reports and project and task progress. Tracks incoming and existing issues. May oversee project progress of more junior team members and provide guidance as needed.

FINANCE ESSENTIAL FUNCTIONS

1. Utilizes effective time management and efficient utilization of department resources. Seeks out opportunities to increase efficiency and productivity for self and department.
2. Supports team goals and metrics through efficient, timely and appropriate issue resolution.

GROWTH/INNOVATION ESSENTIAL FUNCTIONS

1. Proactively stays abreast of industry standards and trends. Evaluates existing security policies and procedures and makes suggestions for improvement based on industry trends and business factors.
2. Proactively manages own professional development. Completes Individual Development Plan (IDP).

This job description is not intended to be all-inclusive; the employee will also perform other reasonably related business/job duties as assigned. Houston Methodist reserves the right to revise job duties and responsibilities as the need arises.

EDUCATION

1. Bachelor's Degree. An additional four years experience in addition to the minimum experience requirements below required in lieu of degree.

WORK EXPERIENCE

1. Six years of technical IT experience such as Field Operations or Desktop Support to include at least two years experience in Information Security.