Security Clearance required:

　　No clearance required

　　Do you want to make a difference?

　　Cognosante employees are passionate about improving people’s lives. With an innovative mindset and an unwavering commitment to those we serve, we partner with healthcare, civilian and defense agencies to deliver exceptional public services and programs. Our multi-faceted technology and customer experience (CX) solutions achieve program outcomes, solve critical challenges and create meaningful change. Whether we are helping Veterans access healthcare faster, ensuring that members of the military complete their missions safely, or helping people obtain health insurance, our work touches millions of people. Are you ready to make a difference?

　　Cognosante IT is looking for a Senior Information Security Analyst to join our infrastructure team to further grow our capabilities and security posture. The infrastructure group is responsible for the architecture, engineering, and operations of the internal systems in place to support the staff and customers of the organization. We’re looking for a talented individual contributor that loves working in a team, solving complex problems, and love technology.

　　What is the position?

　　The Senior Information Security Analyst is responsible for a wide range of activities related to designing, implementing, managing, and monitoring corporate and customer network environments. As a member of the Cognosante Core Engineering team, the Senior Information Security Analyst will collaborate with his peers and management on the acquisition, implementation, and management of security solutions for endpoint protection, anti-malware, URL filtering, and security incident and event management. Typical tasks associated with this role include configuring and administering network devices and servers, monitoring security applications, developing, and updating technical documentation, and reviewing audit logs and other network monitoring data. The Senior Information Security Analyst will also perform routine and ad hoc vulnerability scans and configuration checks of network components and will collaborate with other IT operations staff to evaluate and determine appropriate responses to results from scans or other types of tests. This role may contribute to the development of solution architectures for projects executed on behalf of customers. The Senior Information Security Analyst will maintain continuous awareness of new and existing security threats and vulnerabilities and helps determine their relevance to company operations.

　　What will I get to do?

　　Analyze systems, data, and operating environments to determine appropriate security controls

　　Deploy, maintain, and troubleshoot firewalls, intrusion detection/prevention, VPN, vulnerability assessment tools, event and log analysis, security change tracking and other network security systems and devices

　　Review and provide risk-analysis for requests for network access, changes in or exceptions to firewall rules, device configuration changes, etc.

　　Coordinate with business development/solution teams and project teams to effectively integrate security into technical solution designs and operational practices

　　Research and design security solutions to technical and business problems

　　Investigate and deploy open-source and commercial tools to enhance company security posture

　　Use security tools to hunt for threats, audit infrastructure, detect issues and coordinate remediation of any issues

　　Develop, refine, and perform analysis to discover new or potential incidents and report results

　　Ensure 100% deployment of security agent software to Cognosante endpoints

　　Follow, develop and improve network and security configuration procedures

　　Stay abreast of security concerns/issues, threat and vulnerability alerts, and vendor notifications and regularly update IT and operations leadership

　　Create and maintain documentation and provide detailed records of activities and findings for remediation/mitigation procedures

　　Review system architecture and system design documentation to identify security-relevant aspects of systems and solutions and accurately reflect that information in security documentation

　　Engage in threat hunting and threat remediation

　　Engage in Incident Response and Security Event Monitoring as required.

　　What qualifications do I need?

　　Bachelor’s Degree or equivalent experience

　　5 years relevant experience in IT, Security, or Compliance

　　One or more certifications relevant to networks, IT infrastructure, and security, such as Network+, MSCE, or CCNA

　　Familiarity with government and industry standards related to security, including NIST Federal Information Processing Standards and the 800 series of Special Publications

　　Identity Management (SSO, MFA, etc.)

　　Ability to manage and troubleshoot PKI infrastructure

　　Good awareness of security related compliance frameworks like CIS Critical Controls, ISO 27001, AICPA SOC reports, HITRUST, PCI DSS, and/or HIPAA.

　　Experience with information security tools including but not limited to network scanning, vulnerability scanning, penetration testing tools, endpoint security, antivirus software, event correlation, log analysis, or SIEM tools.

　　Experience integrating, monitoring, or securing systems or environments that process personally identifiable information (PII) or protected health information (PHI)

　　Working knowledge of TCP/IP network architectures and protocols, network and infrastructure security, major operating systems, and products from leading network device vendors

　　What additional characteristics will help me thrive?

　　Relevant certifications such as CISSP, CCNP, GSNA, CISM, CISA, CASP, SSCP, or Security+ Keen interest in designing, implementing, managing, or assessing network and system architectures

　　Willingness to acquire understanding of CMS Acceptable Risk Safeguards and minimum-security requirements specified for health IT solutions such as health insurance exchanges and integrated eligibility systems

　　Experience with or interest in learning scripting tools such as Python, PowerShell or bash

　　Familiarity with tools such as Nmap, Wireshark or tcpdump

　　Familiarity integrating security into solution architecture design and system development life cycle (SDLC) phases and methodologies

　　Solid organizational, interpersonal, verbal, and written communication skills

　　Ability to work effectively as part of an internal IT operations or customer-facing project teams

　　Ability to taking ownership of assigned tasks and deadlines and follow through to completion

　　Ability to perform comfortably in a fast-paced, dynamic work environment

　　Ability to manage multiple short-term and long-term tasks simultaneously

　　Effective time management skills and attention to detail

　　Desire to learn security operations

　　Experience creating support documentation

　　Willingness to acquire capabilities in order to secure configuration of network components, servers, and operating systems, particularly Microsoft Office365 environment

　　What We Offer  

　　Our mission is to provide comprehensive and competitive pay, benefits, services, and programs to eligible employees and their dependents that: 

　　Ensure optimal health and productivity of our employees  

　　Support employee retention and attraction 

　　Provide work/life balance to ensure our employees succeed inside and outside of the office 

　　Compensation

　　$96,760.98 - $154,817.56

　　The pay range for this job is determined by various factors, including but not necessarily limited to location, responsibilities of the job, and alignment with market data. When determining a salary for this role, the following factors may be taken into consideration - contract-specific affordability, education, knowledge, skills, competencies and experience. The estimate displayed represents the salary range for this position and is just one component of Cognosante’s total compensation package for employees. It is not necessarily reflective of actual compensation that may be earned, nor a promise of any specific pay for any specific employee.

　　Cognosante will not provide sponsorship for employment-based immigration benefits for this position.

　　What We Promise  

　　Cognosante employees are inspired by our bold mission to improve lives. To achieve this mission, we put our people first. No matter where they're located around the nation, our innovative workplaces enable individuals to apply their skills and experience to work toward a greater good.

　　We foster a winning culture of solution creators built on innovation, collaboration, flexibility, and work-life balance. And we invest in the next generation of diverse talent to foster an inclusive, progressive, adaptable workplace that prioritizes advancement for all. As an affirmative action employer, we are committed to equal opportunity regardless of race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.  

　　Your safety during your job search is important. Recruiting communications will always be sent through one of the following corporate domain emails (@cognosante.com or @accurate.com).

　　We will never send communications through any other domain, including @cognosantecareers.com, @gmail.com or @yahoo.com). We will never request payment from you, nor will we send payment to you, prior to your start date. If you have been asked to send or receive any payment, or if you have any doubt about whether you have been contacted by a Cognosante employee, please contact us at [email protected]

　　At Cognosante, we innovate with purpose. Each day, we create meaningful change by delivering mission-driven solutions for healthcare, civilian, and defense government agencies. When you work at Cognosante, you’ll apply your talents and grow your career with an organization that believes in the missions of our customers – and the right every employee has to an inclusive, flexible, and collaborative workplace. Work with us, and you’ll be challenged and supported—and have the platform to elevate your career to wherever your professional aspirations lead.​

　　Get to know Cognosante employees

　　We’re driven by our customers’ missions, and measure success by how we improve lives.

　　We believe innovative solutions start with an innovative culture.

　　We believe customer understanding is the key to creating innovative solutions.

　　We know we are stronger together, and we value the diversity of our people.

　　We believe growth should be a core job benefit.

　　Like many other companies, Cognosante has been targeted by scammers making fraudulent job offers to potential candidates. As shared on our company website (https://cognosante.com/careers/) , communications from Cognosante recruiting are only sent with an official corporate domain email (e.g., @cognosante.com) and not a commercial domain e-mail (e.g., @gmail.com or @yahoo.com)). We will never request payment from an applicant, nor will we send payment to an applicant, prior to that individual’s start date.

　　We want to recommend a couple of ways that you can report this incident and take action against these scams:

　　-The FBI: File a Complaint (https://www.ic3.gov/Home/FileComplaint)

　　-The FTC: Report Fraud (https://reportfraud.ftc.gov/#/)

　　Also, if you're not sure where to report the scam, you can find some guidance here: Where to report scams | USAGov (https://www.usa.gov/where-report-scams) .