TO APPLY: EMAIL YOUR RESUME TO JOBS@MAESTROHEALTH.COM
We are an employee health & benefits company with a tech-meets-service platform that simplifies and personalizes how employees and employers shop, enroll and live with their benefits. Our innovative technology makes it easy for employees to choose the right benefits plan while equipping HR with the tools they need through one partner, one service team, one platform, one portal.
Maestronites are brought together with a passion to disrupt the status quo by reimagining employee health and benefits. This passion has driven us to create the first complete platform that optimizes the entire benefits experience for everyone. Our people, passion and platform are united by our mission: to make employee health & benefits people-friendly again.
WHAT YOU WILL BE DOING:
We are looking for a capable Security Analyst who enjoys security, audit and compliance work, possesses strong analyst level expertise in the security space and wants to work in a rapidly growing environment that will not offer an opportunity to be bored.
You will make things more secure by protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data. Qualified candidates will have a background in security, network engineering and/or systems engineering. Daily responsibilities include but are not limited to:
As part of the team you will be responsible for the physical security of Maestro Health locations including burglar alarm, access control, and CCTV systems.
Identify and define system security requirements for baselines across Microsoft, Apple and Linux Operating Systems, enterprise applications and other SaaS solutions as assigned.
Conduct regular security compliance activities to document, test and prove Maestro Heath’s security program, including but not limited to entitlement reviews, quarterly collection of control evidence, support of client, internal and third party audits and assessments, identification of gaps observed and entering and tracking in system of record.
Assist in developing Information Security Plans and Policies, plan and carry out an organization’s information security strategy. Develop a set of security standards and best practices for the organization and recommend security enhancements to management as needed. Develop strategies to respond to and recover from a security breach.
Assist in educating the workforce on information security through training and awareness campaigns.
Monitor for breaches by establishing, maintaining, and monitoring logging systems for critical infrastructure and applications.
Investigate security incidents, support incident response activities to minimize the impact in accordance with policy and legal requirements. This may frequently include internal reporting, lessons learned, root cause analysis and recommendations to leadership.
Prepare and document standard operating procedures, policies and protocols as relevant to both IT and/or Security.
Configure and troubleshoot infrastructure devices such as firewalls, switches, and routers for increased security, reliability, and failover capacity.
Develop technical solutions and new security solutions to help mitigate security vulnerabilities and automate repeatable tasks.
WHAT SUCCESS LOOKS LIKE:
When clients and visitors come, they comment positively on the look and feel of the office
You understand the business and are able to explain to visitors what we do effectively
No one has to ask twice to get something done, and they are amazed that you have already thought two steps ahead
You anticipate the team’s needs and always make sure that executives have confirmed meetings
You are adaptable and resourceful, able to handle anything that crosses your desk. You make complex things seem simple.
You incorporate fun and humor into your everyday activities and make others feel comfortable and at ease
NORM! Everyone knows your name and you connect coworkers together
You are recognized as demonstrating our core values: Fun. Preparedness. Kindness. Teamwork. Humility. Urgency. Bold Thought. Honesty.
WHAT YOU NEED:
At least two years practical experience with security in high compliance environments such as HIPAA, Sarbanes-Oxley, GPDR, PCI-DSS, PA-DSS, GLBA
At least one current recognized major security certification from the following list or the ability to successfully pass certification at own expense within three months of hire: ISC CISSP, ISACA CISA, Cloud Security Alliance CCSK, SANS 401, CERT/CC SEI security related certifications, Bachelors’ degree in related discipline.
Minimum of two years experience with proven and direct technical information security/risk management responsibility in the following job domains:
Securely Provision: Specialty areas concerned with conceptualizing, designing and building secure IT systems.
Operate and Maintain: Specialty areas responsible for providing the support, administration, and maintenance necessary to ensure effective and efficient IT system performance and security.
Protect and Defend: Specialty area responsible for the identification, analysis and mitigation of threats to IT systems and networks.
Investigate: Specialty areas responsible for the investigation of cyber events or crimes which occur within IT Systems and networks.
Operate and Collect: Specialty areas responsible for the highly specialized and largely classified collection of cybersecurity information that may be used to develop intelligence.
Analyze: Specialty area responsible for highly specialized and largely classified review and evaluation of incoming cybersecurity information.
Support: Specialty areas that provide critical support so that others may effectively conduct their cybersecurity work.
Specific demonstrated experience and competency in at least two of the following specialty areas across the above domains:
Security incident response processes and best practices in a high compliance environment, ranging from simple single malware instances to distributed denial of service, ransomware and botnets.
Network security, including network management, intrusion detection, firewalls and other network gear, wireless technologies and content filtering
Vulnerability management and penetration testing tools, technologies, methodologies and best practices
Risk assessment and management tools, technologies and methods
Familiar with designing secure networks, systems and application architectures, and able to apply to proposed new solutions and changes in existing
Knowledge of disaster recovery, computer forensic tools, technologies and methods
Digital forensics, preservation of evidence and e-discovery, across network, localhost and cloud, using at least one of the following tool sets: EnCase, SIFT, Access Data FT
Successful candidates should also demonstrate:
Experience planning, researching, negotiating, writing, developing security policies, standards and procedures.
Professional experience in a system administration role supporting multiple platforms and applications.
Ability to communicate network security issues to peers and management.
Ability to read and use the results of mobile code, malicious code and anti-virus software results.
Basic project management skills and leadership ability to assist and participate in security related projects and implementations.
A love of learning new technologies and skills as needs are identified.
Creative problem solving skills.
A sense of humor.
WHY WORK AT MAESTRO HEALTH?
We have great benefits:
Personal, Vacation and Sick Time
Medical and Prescription
Life and Disability
Health and Wellness programs
401k with Employee Match
Figo - Pet Insurance
We have great perks in each of our offices, along with a fun, energetic and fast-paced environment, and what will really drive you is our vision. Maestro Health is making employee health & benefits people-friendly again by making healthcare easy to understand, tools easy to use and costs easy to control. We are aiming to become a household name within the employee health & benefits space.
We can’t do that without great people. We want to hear “WOW! That was the best job and business experience I ever had!” from every Maestronite – past, present and future. You should be personally challenged and look forward to coming to work.
Are you ready to become a Maestronite? Let’s do this.
Maestro Health is an equal opportunity workplace. We are committed to equal opportunity regardless of race, color, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability or veteran status.