Apply now »
Apply now

Date: Dec 12, 2018

Location: Newport Beach, CA, US

Company: Hoag Memorial Hospital Presbyterian

Job Description:

The Senior Cyber Security Analyst will actively participate in conducting security assessments of systems to identify vulnerabilities, remediation strategies, and assisting system owners in implementing effective safeguards. The Senior Analyst will lead and coordinate incident response activities, analysis, remediation, mitigation, and perform lessons learned activities.  Senior level support of cyber security initiatives and programs.


  • Develops and maintains Hoag Cyber Security policies, procedures, standards and guidance consistent with Hoag and regulatory requirements.
  • Assists in the planning, implementation, and execution of Cyber Security standards through subject matter expertise, thought leadership, and administration of Cyber Security and IT projects.
  • Partners internally and externally to make effective business decisions.
  • Adapts to competing demands and new responsibilities.
  • Works across teams and/or multiple stakeholders (internal and/or external) to insure deliverables are complete within specified required timeframes.
  • Provides feedback to leadership and mentors team members.
  • Supports in the development of Hoag Cyber Security strategies at the direction of the Chief Information Security Officer.


Job Specific Essential Functions:

  • Design, implementation and development of Cyber Security programs.
  • Develops plans, objectives, scope, schedules, and initiatives.
  • Provides direction and validation of cyber security control tests for Hoag Information Technology, and coordinates access and approvals.
  • Performs ad hoc testing as-needed to assist with incident response and vulnerability remediation.
  • Reviews and tests security controls (technical, operational, managerial) to determine alignment against regulatory requirements (e.g., NIST CSF, HIPAA, HITRUST, PCI).
  • Documents remediation and action plans for corrective action following assessment activities in response to identified vulnerabilities.
  • Drafts security policies and procedures including security plans, corporate specific policies, and departmental policies.
  • Routinely conducts security assessment to quantify impacts of vulnerabilities.
  • Performs other duties as assigned.


Education, Training and Experience



  • Bachelor's degree in Computer Science, Computer Information Systems, Engineering, Business, or related technical field and minimum three (3) years of business/industry experience. Additional equivalent work experience may be substituted for the degree requirement.
  • Experience with vulnerability assessment tools, process, methodologies and frameworks.




  • Three (3-5) years cyber security experience as a subject matter expert working across two or more technology layers (eg., application, network, systems, data).
  • Three (3-5) years experience with Cyber Security operations.
  • Three (3-5) years experience translating business requirements and priorities into cyber security standards.
  • Three (3-5) years of work experience in vulnerability assessment and/or penetration assessment.
  • Experience in a hospital or health care related organization of similar size and complexity.
  • Masters degree in Computer Science, Computer Information Systems, Cyber Security, Cyber Forensics, Engineering, Business, or related technical field.



Skills or Other Qualifications



  • Strong analytical, statistical, systems, technology, and cyber security knowledge.
  • Experience with health care or regulatory mandates and information management.
  • Strong leadership and communication skills required – oral, written and presentation.
  • Ability to effectively interact with multiple business units, partners, and external entities.
  • Exceptional client service focus and/or ability.



  • Incident response experience.
  • Reverse malware engineering experience.
  • Vulnerability assessment experience.
  • Red Team, Blue Team, or Purple Team experience.
  • Threat modeling, data analytics, and use case development.


License and Certifications



  • SANS GIAC (or equivalent)


  • Certified Ethical Hacker (CEH)
  • OSCP



Nearest Major Market: Orange County
Nearest Secondary Market: Los Angeles

Job Segment: Corporate Security, Information Security, Engineer, Law, Security, Technology, Engineering, Legal

Apply now »
Apply now

Similar Jobs

Network With Us

Enter your email and we'll keep you informed about upcoming events and opportunities that match your interests.