Cyber Security Analyst at Managed Health Care Associates, Inc. in parsippany, New Jersey

Job Description:

Who We Are:

Managed Health Care Associates, Inc. (MHA), provides care communities with access, solutions, and insights to help them run their businesses more effectively. Our members include post-acute providers across the care continuum including long-term care, home infusion, and specialty pharmacies, as well as senior living and other group living facilities. Our team of associates are passionate about our common mission of helping people age with grace, and champion our core values of being Curious Learners, Selfless Advocates, and Relentless Finishers.

Who we’re looking for:

The Cybersecurity Analyst at Managed Health Care Associates, Inc. (MHA) plays a crucial role in safeguarding the organization's digital assets by proactively identifying and mitigating security threats. This includes safeguarding the organization’s assets within the Azure cloud and beyond. This position is essential for maintaining the confidentiality, integrity, and availability of MHA's information systems. Through continuous monitoring of the security infrastructure, conducting detailed vulnerability assessments, and responding swiftly to any security incidents, the Analyst ensures the organization's networks and data are protected against cyber-attacks. Collaborating closely with the Cybersecurity Manager, this role contributes to the development and enforcement of comprehensive cybersecurity policies and strategies, enhancing the organization's security posture and compliance with regulatory requirements.

 

What You’ll Be Doing:

Supporting the maturation and development of the MHA Cybersecurity Program:

• Aid in implementing new security controls in line with MHA’s security roadmap, in line with the NIST 2.0 framework, including Cloud Security Posture Management (Azure Cloud), Server and Workstation controls


• Support the alignment of internal cybersecurity initiatives with our parent company’s cybersecurity program, ensuring consistency and strategic focus


• Participate in cross-functional teams to integrate cybersecurity measures across the organization


• Work with various departments to ensure cybersecurity practices are seamlessly integrated into business processes.


• Advance cybersecurity strategies and governance for cloud, software, systems, data, networks, and hardware


• Ensure compliance with standards like HIPAA, HITRUST, SOC, and ISO


• Assist in the evaluation and enhancement of cybersecurity policies and practices

Security Monitoring and Incident Response:

• Monitor security systems and networks for anomalies


• Lead initial incident response efforts


• Document and analyze security incidents

Vulnerability Management:

• Conduct vulnerability scans and risk assessments


• Prioritize and remediate identified vulnerabilities

Risk Management and Compliance:

• Aid in maturing the organization’s information security risk management program, aligned with acceptable risk tolerance


• Work with the Cybersecurity Manager in developing the frameworks for managing risks related to vendors, cloud, and infrastructure


• Gather data and provide input to the Cybersecurity Manager for third-party cybersecurity and vendor audits


• Ensure compliance with legal and regulatory standards

Incident Management and Disaster Recovery:

• Execute, Enforce, and continuously improve the MHA Cybersecurity Incident Response Plan


• Provide feedback on security controls and processes based on incident response and threat analysis


• Document incidents and responses comprehensively for future reference and compliance


• Engage in disaster recovery planning and execution, ensuring organizational resilience


• Conduct regular testing and simulations to validate the effectiveness of recovery strategies

Security Assessments and Training:

• Assist with vulnerability assessments, penetration tests, security audits, and remediation


• Support the cybersecurity awareness training program for all associates


• Promote security best practices among employees

Innovation and Technology Integration:

• Collaborate with the cybersecurity manager on the secure integration of emerging technologies, including Generative AI, ensuring alignment with cybersecurity frameworks.


• Help foster cloud security maturity and advance the implementation of zero trust architecture

 

 What You’ll Bring to the Table:

 Bachelor's Degree in technical field (i.e. computer science) or a related field as preferred or equivalent experience.

• 3-5 years or more of experience in cybersecurity within IT environments, with a preference for candidates with a background in the life sciences industry.


• 5-7 years of comprehensive IT experience, with a focus on Cyber/Information Security roles.


• Proficiency with NGAV/EDR tools, Crowdstrike Falcon Preferred


• Proficiency with Cloud Native Protection Platforms, (e.g., Microsoft Defender for Cloud)


• Skilled in utilizing CrowdStrike Horizon for comprehensive cloud security posture management (CSPM), emphasizing the improvement of multi-cloud security via perpetual monitoring, threat identification, and protection of cloud assets and identities


• Experience with threat hunting activities using advanced tools such as Crowdstrike Falcon, Defender for Cloud, and Azure Log Analytics to identify and mitigate threats


• Proficiency in Information Security frameworks such as NIST, ISO, CIS, PCI, COBIT


• Experience with Security Information and Event Management (SIEM) tools such as Azure Sentinel


• Ability work with cross-functional teams towards achieving tactical and strategic objectives


• In-depth knowledge of networking technologies and IT concepts (e.g., TCP/IP, DNS, DHCP, WINS)


• Demonstrated ability in assessing security postures and supporting strategic roadmaps for cybersecurity maturity


• Possession of current mid-level Information Security Certifications from recognized institutions


• Experience in developing and implementing security policies and standards


• Strong analytical abilities with experience managing multiple projects under tight deadlines


• Deep understanding of information risk concepts, principles, and the business impact of security measures


• Experience working closely with legal, audit, and compliance teams


• Advanced knowledge in developing, maintaining, and overseeing compliance with policies, procedures, standards, and guidelines


• Understanding of legal and regulatory requirements relevant to the life sciences sector (e.g., HIPAA) preferred


• Excellent verbal, written, and interpersonal communication skills, capable of effectively engaging with a broad range of stakeholders from technical teams to business units


• 
  Candidates with strong experience in Azure Cloud Strongly Preferred: Including Azure Active Directory, Security Center, Monitor, and Log Analytics. Knowledge in managing and securing cloud resources, familiarity with Azure Defender and Policy, and understanding best practices for cloud security and compliance is desired

 

What’s Good to Know:

• Up to 5% domestic travel may be required intermittently for job-related events and conferences


• Hybrid Environment (home office and on-site)

 

 Physical Demands:

The physical demands and work environment characteristics described here represent those that an employee must meet to perform the essential functions of this job successfully. Reasonable accommodation may be made to enable individuals with disabilities to perform essential functions.

Physical Demands:

• While performing the duties of this job, the employee is occasionally required to move around the work area; sit.


• perform manual tasks; operate tools and other office equipment such as computer, computer peripherals, and telephones; extend arms; kneel; talk and hear.


• The employee must occasionally lift and move up to 15 pounds.

Mental Demands: Employees must follow directions, collaborate well with others, and manage high workloads.

Work environment:  The noise level in the work environment is usually minimal.

 

Why Join MHA
MHA continues to lead by providing purpose-driven and value-based solutions, which preserve the dignity and grace people deserve, regardless of a

1. Let us be the best place you’ll ever work!

Our associates enjoy the following benefits, and you can, too!

• 
  Staying Healthy
  Comprehensive medical, dental, and vision plans with FSA/HSA options
  Fitness reimbursement
  Access to an Employee Assistance Program


• 
  Enjoying Time-Off
  Paid time off, holidays, personal days, paid parental leave, plus your Birthday as a day off!


• 
  Planning for the Future
  Life Insurance, short-term & long-term disability insurance
  401K match
  Employee Stock Purchase Plan
  Voluntary financial and legal benefits, through our benefits providers


• 
  Learning Continuously
  E-learning programs
  Tuition Reimbursement
  Ongoing Team Trainings


• 
  Making an Impact
  Paid volunteer time-off

Managed Health Care Associates, Inc. is an Equal Opportunity Employer and ensures its employment decisions comply with principles embodied in Title VII, the Age Discrimination in Employment Act, the Rehabilitation Act of 1973, the Vietnam Veterans Readjustment Assistance Act of 1974, Executive Order 11246, Revised Order Number 4, and applicable state regulations

Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information. 41 CFR 60-1.35(c)

Engineering

Apply Now