At Northwestern Medicine, every patient interaction makes a difference in cultivating a positive workplace. This patient-first approach is what sets us apart as a leader in the healthcare industry. As an integral part of our team, you'll have the opportunity to join our quest for better health care, no matter where you work within the Northwestern Medicine system. We pride ourselves on providing competitive benefits: from tuition reimbursement and loan forgiveness to 401(k) matching and lifecycle benefits, our goal is to take care of our employees. Ready to join our quest for better?

The Security Analyst Associate, reflects the mission, vision, and values of NM, adheres to the organization’s Code of Ethics and Corporate Compliance Program, and complies with all relevant policies, procedures, guidelines and all other regulatory and accreditation standards.

Northwestern Medicine Information Services drives innovative, high-value solutions to transform health care.

We are committed to supporting the relentless pursuit of better medicine by providing exceptional service to our patients and guests as well as internal clients across the organization. To ensure excellence, our team goes to extraordinary lengths to ensure that our systems work together seamlessly.

Northwestern Medicine understands that technology plays an integral role in shaping the future of health care. Information Services strategically supports the organization by:

• Leveraging AI, automation and rollout of advanced cyber controls that support digital transformation strategies
• Implementing advanced technologies in clinical and administrative areas
• Furthering development of the end user support model to help enhance modern infrastructure

Responsibilities:

• Help in alerts investigation generated by security controls. Implement provided recommendations to improve detection capability accuracy.
• Participate in the optimization of incident response standards and procedure to increase the organization’s cyber resiliency.
• Analyze the enterprise information security environment and identify potential gaps in the security measures to safeguard valuable information assets.
• Help identify, evaluate, and report on information security risks.
• Collaborate with vendors and internal departments to make recommendations to optimize performance of security controls.
• Collaborate with network and technology support teams to enhance and improve security processes and documentation.
• Participate in the evaluation and assessment of information security vulnerabilities, solutions, and organizational posture.
• Stays current with security technologies and threats to contextualize the events observed in the environment.
• Assist in providing initial assessment of impact severity for IT security incidents and executing the appropriate response.
• Investigates any fraud and other computer issues.
• Perform daily operational tasks required for the department to protect NM’s assets. Tasks range from (but are not limited to):
  • Analyze security alerts
  • Maintain endpoint protection infrastructure
  • Facilitate risk evaluation related to vulnerability assessment findings and coordinate risk treatment

Required:

• 0-2 Years of Experience
• Working knowledge of the following subjects:
  • Network (protocols, topologies, TCP/IP)
  • Security controls (proxies, IPS, IDS, Firewall, and packet analyzers)
  • Systems (Windows, Linux/UNIX)
  • Software development (development / scripting languages)
  • Incident Response
  • Threat and Vulnerability Management
• Working knowledge of Security Standards/Controls specified under various IT governance and
• compliance models (NIST, HIPAA, PCI, ISO 27001&27002, ITIL).
• Excellent problem-solving skills
• Demonstrated timely task completion involving solid organizational skills, task tracking, follow-up, and productive peer interaction.
• Excellent verbal and written communication skills.

Preferred:

• Bachelor’s degree preferred or equivalent combination of education and experience
• Certification or courses: Security+, GSEC, GCWN, GCED or CEH a plus.

Northwestern Medicine is an equal opportunity employer (disability, VETS) and does not discriminate in hiring or employment on the basis of age, sex, race, color, religion, national origin, gender identity, veteran status, disability, sexual orientation or any other protected status.

Background Check

Northwestern Medicine conducts a background check that includes criminal history on newly hired team members and, at times, internal transfers. If you are offered a position with us, you will be required to complete an authorization and disclosure form that gives Northwestern Medicine permission to run the background check.  Results are evaluated on a case-by-case basis, and we follow all local, state, and federal laws, including the Illinois Health Care Worker Background Check Act.

Artificial Intelligence Disclosure

Artificial Intelligence (AI) tools may be used in some portions of the candidate review process for this position, however, all employment decisions will be made by a person. 

Benefits

We offer a wide range of benefits that provide employees with tools and resources to improve their physical, emotional, and financial well-being while providing protection for unexpected life events. Please visit our Benefits section to learn more.

Sign-on Bonus Eligibility (if sign-on bonus offered for position): Internal employees and rehires who left Northwestern Medicine within 1 year are not eligible for the sign on bonus. Exception: New graduate internal employees seeking their first licensed clinical position at NM may be eligible depending upon the job family.