Remote Security Analyst (Work from Home)

Applies comprehensive knowledge of programming techniques, networked and centralized operating systems, and the capabilities of enterprise database products and development suites to aid in security evaluations. Evaluates, tests, recommends, develops, coordinates, monitors, and maintains information security policies, procedures, and systems, including hardware, firmware and software.

Ensures that application security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IT standards and overall IT security. Reviews system capabilities and scheduling limitations to determine if requested application or modification is possible within existing system. Prepares program documentation and materials for users.

Provides management with risk assessments and security briefings to advise them of critical issues that may affect customer, or corporate security objectives. Provides technical guidance to lower-level analyst/programmers. Works independently to create, update, implement and model best practices. Leads projects or project steps of varying size and has accountability for ongoing activities related to projects, programs and/or operations.

Applies in-depth professional level knowledge to independently solve a full range of complex problems and offers sensible solutions. Acts as a resource for colleagues with less experience. Represents team in meetings with other work units. Serves as a reliable resource for management.

Job Description
AAMC (Association of American Medical Colleges) is a not-for-profit association dedicated to transforming health care through innovative medical education, cutting- edge patient care, and groundbreaking medical research. The Information Security team plays a critical role in supporting AAMC’s mission through best practice security policies, securing the organizational security posture and security best practices.

In 2019, AAMC started a multi-year transformation of its large product portfolio into modern digital platforms while transitioning from on-premises to AWS cloud services. The AAMC IT team strives to deliver innovative solutions and reliable service that enables amazing user experiences, impactful strategies, and new information insights for the AAMC community and staff.

The Security Analyst will be responsible for the following:
Ensuring that organizational assets are protected from unauthorized access. This includes securing both online and on-premises infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches occur.
Generating reports for IT administrators and business managers to evaluate the efficacy of the security policies and controls in place.

Help to make the necessary changes for a more secure infrastructure and may also create training programs and modules to educate employees and users on proper security protocols.
Keep organizational security systems up to date, documenting and planning for all security-related procedures, including incident response and disaster recovery plans.

Success in this role requires a consistent record of delivering and maintaining information security controls, thorough analytical skills, solid hands-on information security experience, and the ability to build strong relationships with IT teams. This role reports to Senior Director, Information Security and will work closely with leaders across the IT organization.

Essential Duties: 

Duties Statement:

Work closely with IT teams to ensure that applications and infrastructure environments follow organizational security posture requirements. Participate in developing information security best practices. Help lead the identification and assessment of new security practices, policies, controls and analytical techniques. Prevent and detect security incidents through careful monitoring and analysis.

Conduct security assessments through vulnerability testing and risk analysis and assist in internal and external security audits. Protect critical information by installing and configuring security tools. Assist in monitoring infrastructure traffic and analyze records to identify and investigate anomalies and security incidents. Assist in implementing organization-wide security best practices to protect the organization against existing, new and emerging security threats. Verify the security of third-party vendors security practices and the security practices of strategic organizational partners. Remain current on security best practices and analytical techniques.

Work and collaborate with a team of information security professionals, information managers, and strategic sourcing partners to maintain an internal environment of collaboration, sharing, enthusiasm and mutual respect.
Contribute to a collaborative working environment between the information security team and other IT units. Participate in strategic visioning processes for improving the organizational security posture.

Education:
Bachelors degree in Computer Science, Information Systems or related analytical field

Required Experience:
Minimum 5-7 years of information security experience in hybrid cloud environments.
Experience implementing security policies and procedures by administering and monitoring security profiles, reviewing security violation reports and investigating security incidents.
Experience with penetration testing and techniques and the ability to identify and mitigate network vulnerabilities.
Experience with penetration testing techniques and a solid grasp of vulnerability patch management.
Experience working with sourcing partners and co-managed systems distributed between on-site and offshore locations.

Required Skills and Qualification:
Subject matter expertise in information security best practices, intrusion prevention, incident response, identity access management and computer forensics.
Positive, hardworking demeanor with great collaboration and social skills, and the ability to interact across department groups and organizational teams.
Ability to work under pressure and solve problems using an analytical approach; decisive, fast paced; quick and constructive resolutions of conflicts; and a can-do attitude.

Ability to articulate ideas to both technical and non-technical audiences through excellent written and oral communication skills
Demonstrated ability to deliver results under difficult conditions, particularly when faced with complexity and ambiguity.
The ability to establish effective relationships with internal partners and business teams.

The Association of American Medical Colleges (AAMC) is an Equal Opportunity/Affirmative Action Employer. The AAMC is committed to the policy of an equal employment opportunity in recruitment, hiring, career advancement, and all other personnel practices. The AAMC will not discriminate on the basis of race, color, sex, national origin, religion, age, marital status, personal appearance, sexual orientation, gender identity or expression, family responsibilities, matriculation, political affiliation, genetic information, disability, past or current military service, or any other legally protected characteristic. COVID-19 Vaccine Requirement

———————————————————————-

The AAMC is committed to providing and maintaining a safe work environment for all, taking measures to secure workforce continuity, and promoting the health and wellbeing of our members, stakeholders, and our communities at large. Therefore, the AAMC requires its employees to be fully vaccinated against COVID-19. Employees will be required to show proof they are fully vaccinated. Only vaccines that have been approved or granted Emergency Use Authorization (EUA) by the FDA, or listed for emergency use by the World Health Organization (WHO) will be accepted. More information on acceptable vaccines can be found here. Please attach a resume as part of the application process. It is important that files DO NOT include periods ( . ) within the file name.
BROWSER REQUIREMENTS: Applications must be submitted using Chrome, Mozilla Firefox, Safari, or Internet Explorer v.10 or higher

Remote Work Eligibility

This position is eligible for remote work in the continental US

If a bachelor’s degree is required, related work experience may be substituted in some positions.  One year of college course work at an accredited institution is equivalent to one year of related work experience.

The Association of American Medical Colleges (AAMC) is an Equal Opportunity/Affirmative​​ Action Employer.  The AAMC is committed to the policy of an equal employment opportunity in recruitment, hiring, career advancement, and all other personnel practices. The AAMC will not discriminate on the basis of race, color, sex, national origin, religion, age, marital status, personal appearance, sexual orientation, gender identity or expression, family responsibilities, matriculation, political affiliation, genetic information, disability, past or current military service, or any other legally protected characteristic.

COVID-19 Vaccine Requirement

The AAMC is committed to providing and maintaining a safe work environment for all, taking measures to secure workforce continuity, and promoting the health and wellbeing of our members, stakeholders, and our communities at large. Therefore, the AAMC requires its employees to be fully vaccinated against COVID-19. Employees will be required to show proof they are fully vaccinated.  Only vaccines that have been approved or granted Emergency Use Authorization (EUA) by the FDA, or listed for emergency use by the World Health Organization (WHO) will be accepted. More information on acceptable vaccines can be found here.

Please attach a resume as part of the application process. It is important that files DO NOT include periods ( . ) within the file name.

BROWSER REQUIREMENTS: Applications must be submitted using Chrome, Mozilla Firefox, Safari, or Internet Explorer v.10 or higher.