O

Information Security Analyst II (Security / Identity Access Management (IAM) Analyst)

Operations
On-site
Silver Spring, Maryland, United States

The Information Security Analyst II, Workday is responsible for configuring, maintaining, and advising on security within the Workday application. This includes managing domain security policies, roles, and role assignments. The analyst will coordinate with vendors, ensure compliance with divisional and data security policies, and participate in report reviews to maintain security and data privacy standards.


The Information Security Analyst II supports the InfoSec mission of securing the patient experience. This position executes tasks associated with analysis and remediation of information security risks that could lead to compromise of Children's National systems. Individuals in this position will execute tasks including the cataloging of risks, identification and remediation of vulnerabilities, securing of data, and establishment of policies and standards.


Minimum Education
Bachelor's Degree Bachelor's degree in a computer science, math, engineering, or another relevant discipline or equivalent training and work experience (Required)

Minimum Work Experience
3+ years of experience in cybersecurity with a focus on vulnerability management, cybersecurity operations, analysis, forensics and/or investigations (Required)

Required Skills/Knowledge
Some demonstrated ability to apply key cybersecurity practices, controls, and frameworks
Excellent written and verbal communication and presentation skills; interpersonal and collaborative skills; and the ability to communicate information risk-related concepts to technical as well as nontechnical audiences
Understanding and some application of practices associated with cybersecurity auditing, compliance, and policy
Understanding of and some application of key practices associated with risk assessment, vulnerability management, penetration testing, and threat identification.
Understanding and some application of controls and practices associated with access management, active directory, privileged account management, and authentication
Understanding and some application of key practices associated with incident response, risk remediation, business continuity, disaster recovery, and cyber operations.

Functional Accountabilities
Cyber Analysis



  • Responsible for tasks involved in the identification, documentation, and reporting of cyber risks



  • Execute tasking for development and documentation of cybersecurity policies, standards, and procedures.



  • Engage directly with other CNH business units to ensure security of assets, applications, and data



  • Responsible for the documentation of procedures associated with managing access to CNH systems, data, and other assets



  • Engages in tasks associated with cybersecurity incidents, as required


Organizational Accountabilities
Organizational Commitment/IdentificationΒ 



  • Anticipate and responds to customer needs; follows up until needs are met


Teamwork/Communication



  • Demonstrate collaborative and respectful behavior



  • Partner with all team members to achieve goals



  • Receptive to others’ ideas and opinions


Performance Improvement/Problem-solving



  • Contribute to a positive work environment



  • Demonstrate flexibility and willingness to change



  • Identify opportunities to improve clinical and administrative processes



  • Make appropriate decisions, using sound judgment


Cost Management/Financial Responsibility



  • Use resources efficiently



  • Search for less costly ways of doing things


Safety



  • Speak up when team members appear to exhibit unsafe behavior or performance



  • Continuously validate and verify information needed for decision making or documentation



  • Stop in the face of uncertainty and takes time to resolve the situation



  • Demonstrate accurate, clear and timely verbal and written communication



  • Actively promote safety for patients, families, visitors and co-workers



  • Attend carefully to important details - practicing Stop, Think, Act and Review in order to self-check behavior and performance