Cybersecurity Analyst

The American Hospital Association (AHA) is a national organization that represents and serves all types of hospitals, health care networks, and their patients and communities. The AHA has two main offices, located in Washington, D.C. and Chicago. We are currently seeking an Analyst, Cybersecurity, for our Chicago office. This position is a hybrid role (three days in the office, two days working remote).

Starting base salary = $90,000- $112,000- $134,000 (commensurate with related experience). The AHA is committed to fair and equitable compensation practices. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, certifications, and location.

We offer an excellent total compensation package, which includes medical/dental coverage (PPO/HMO), vision care, life insurance, short- and long-term disability plans, 401(k), tuition reimbursement, paid vacation/holidays/sick days, wellness programs and more!

The Analyst, Cybersecurity, is responsible for protecting AHA's digital assets by ensuring the confidentiality, integrity, and availability of sensitive information. Support incident response efforts; implement and manage cybersecurity solutions that include cloud and email security, single sign-on (SSO) access, email protection, and network security platforms; and play a key role in security awareness training. Additionally, collaborate with the cybersecurity team to strengthen defenses and respond to emerging threats.

Essential Functions include, but are not limited to the following:

* Cloud Security - Implement, configure, and manage Microsoft Defender for Teams, SharePoint, and OneDrive. Conduct regular assessments and optimizations of Defender security policies to enhance threat detection and response capabilities. Stay abreast of Microsoft roadmap for this security suite to ensure best practices and latest security offerings are employed. Assist with assessments of AWS and Azure security reviews.
* Email Security - Implement and maintain email security measures, Defender for Exchange policies, to mitigate email-borne threats and unauthorized access. Regularly review and update email security configurations to adapt to emerging threats and compliance requirements.
* Network Security - Analyze firewall configurations to ensure they align with security policies and best practices. Assess rules for efficacy and coherence to ensure optimal traffic flow while mitigating potential risks. Additionally, manage intrusion detection systems rule and policy configurations, fine-tuning intrusion detection systems to detect and respond effectively to emerging threats.
* Security Education - Administer the security awareness training platform to deliver annual employee training sessions, targeted training modules, and ongoing phishing campaigns. Develop metrics to measure and trend user adoption of safe cyber practices.
* Identity & Access Management - Administer and maintain AHA SSO solution to streamline user authentication processes while enforcing strong access controls and identity management policies. Configure and monitor SSO integrations for enterprise applications to ensure secure access and authentication.
* Security Incident Response - Act as primary for monitoring the cybersecurity inbox and SOC assigned investigations for suspicious activity and/or indicators of compromise. Respond promptly to investigations for potential security breaches. Implement corrective actions to mitigate risks and prevent future incidents. Function as part of the IT Incident Response Team. Manage and/or resolve incident cases generated by the security operations center (SOC) vendor.
* Network Assessments - Support penetration and vulnerability assessments by defining scopes, tracking remediations, and assisting in remediations.
* Security Documentation - Develop and maintain visual representation of firewall and IDS architecture including placement within the network, sensor configurations, and correlation strategies for effective management of these security devices.

The American Hospital Association (AHA) is an Equal Opportunity Employer. We evaluate qualified applicants without regard to race, color, religion, sex, national origin, disability, veteran status, and other legally protected characteristics. We will provide reasonable accommodation for individuals protected by Section 503 of the Rehabilitation Act of 1973, the Vietnam Era Veterans' Readjustment Assistance Act of 1974 and Title I of the Americans with Disabilities Act of 1990. If, because of a medical condition or disability, you need a reasonable accommodation for any part of the employment process, please call (312) 422-3000 and ask for the Vice President, Human Resources and let us know the nature of your request and your contact information.

The AHA participates in the E-Verify Program. #LI-Hybrid