Seattle Cancer Care Alliance (SCCA) brings together the leading research teams and cancer specialists of Fred Hutch, Seattle Children’s, and UW Medicine. One extraordinary group whose sole mission is the pursuit of better, longer, richer lives for our patients. SCCA's purpose is to provide state-of-the-art, patient and family centered care; support the conduct of cancer clinical research and education; enhance access to improved cancer interventions; and advance the standard of cancer care regionally and beyond.
The Information Security Analyst assists in the development, implementation, and management of Seattle Cancer Care Alliance’s Information Security Program. The analyst is responsible for day-to-day operational effectiveness of information security controls and monitoring/responding to security events. The analyst will work closely with information technology teams and business stakeholders to assess, develop, and implement effective security controls.
- Perform incident investigations, electronic discovery requests, and root cause analyses
- Monitor security tools and other system logs and dashboards for security events
- Monitor and take appropriate action, including escalation, for Information Security tickets and email
- Act as subject matter expert for various security technologies and document standard work processes
- Support/lead security incident response activities
- Research and evaluate available technologies and standards to meet requirements
- Monitor, track, and document information security issues and threats to ensure prompt resolution
- Participate in on-call support for after hours coverage as needed
- Identify gaps in safeguards protecting the confidentiality, integrity, and availability of organization systems and data, and develop remediation plans to address those gaps.
- Tune information security tools and processes in accordance with industry best practice and the evolving threat landscape
- Develop and apply security standards and best practices for the organization
- Work closely with internal teams and external vendors to perform security assessments and penetration tests of networks and applications, and prioritize remediation efforts
- Execute projects to improve security event collection, detection, analysis, correlation, and response
- Deliver prompt, courteous, and professional service in a diverse work environment
- Bachelor’s degree or equivalent work experience in a technical discipline related to Information Technology
- Minimum 5 years hands-on information security experience
- Experience in one or more of the following technologies: SIEM, WAF, IDS/IPS, AntiVirus, Vulnerability Management, Malware/APT/Breach Detection, DLP, Mobile Device Management, and Encryption
- Prior success in an operational security capacity (incident response, network security monitoring, troubleshooting, forensics, etc.)
- Excellent interpersonal skills, presentation skills, and verbal / written communication skills
- Organized, responsive, and thorough problem solver
- Ability to work collaboratively with a broad range of staff
- Understanding of compliance and regulatory requirements such as HIPAA and PCI
- Experience hardening/securing virtualization technologies, databases, and operating systems (Windows/Linux) utilizing industry best practices
- Knowledge of networking concepts (routing, switching, VLANs, ACLs), including analyzing network packet captures
- Familiarity with information security policies, standards, industry best practices, and frameworks. (ISO 27K, NIST 800-53, CIS, HITRUST, etc.)
- General information security certification (e.g., CISSP, GSEC, etc.)
- Technical information security certification (e.g., CCSP, GPEN, CEH, etc.)
- Experience with Infrastructure as a Service (IaaS), such as AWS or Azure
- Knowledge of industry best practices related to security concepts
Our Commitment to Diversity
We are proud to be an Equal Employment Opportunity (EEO) and Vietnam Era Veterans Readjustment Assistance Act (VEVRAA) Employer. We are committed to cultivating a workplace in which diverse perspectives and experiences are welcomed and respected. We do not discriminate on the basis of race, color, religion, creed, ancestry, national origin, sex, age, disability (physical or mental), marital or veteran status, genetic information, sexual orientation, gender identity, political ideology, or membership in any other legally protected class. We are an Affirmative Action employer. We encourage individuals with diverse backgrounds to apply and desire priority referrals of protected veterans. If due to a disability you need assistance/and or a reasonable accommodation during the application or recruiting process, please send a request to our Employee Services Center at firstname.lastname@example.org or by calling 206-667-4700.