HealthPartners is currently hiring for a Senior Cyber Security Analyst. We are a nonprofit integrated care delivery and financing system based in Bloomington, MN. At HealthPartners, you’ll find a culture where we live our values of excellence, compassion, integrity, and partnership. By working together, we will improve health and well-being, create exceptional experiences for those we serve and make care and coverage more affordable. We seek colleagues who wish to help advance diversity, equity and inclusion and foster an environment where everyone feels welcome, included, and valued.

This position provides technical consultation for system and data security and assists in the coordination, development, and implementation of security controls to reduce and manage risk to computer-stored information assets. The security analyst will be responsible for the daily operation, maintenance, and monitoring of a Data Loss Prevention (DLP) system. The analyst will audit and identify weakness and vulnerabilities to HealthPartners’ data and systems, provide analysis concerning resolution to risks and consult with IT groups to ensure compliance of established security processes and controls.

Required Qualifications:

Bachelor’s degree or equivalent. Excellent written and oral communication skills. 5+ years’ experience in Information Technology. 3+ years’ experience in Information Security. Experience with Microsoft Purview (labels and classifications). Experience with M365 Teams, SharePoint Online, OneDrive, and Exchange Online. Experience with Microsoft Defender for Cloud Applications.  Experience with Microsoft Power Platform (Automate / BI). Experience with Microsoft CoPilot. Data Security Posture Management for AI. Experience with Windows Server and/or Linux Server Operating Systems. Excellent desktop tool proficiency including Microsoft products (e.g., Word, Excel, Access, and PowerPoint). Knowledge of structured methodologies and standards such as ISO 27000, NIST, PMI, ITIL, CMMI, OWASP, and CoBit. Knowledge of federal and state security-related legislation including HIPAA, PCI, JCAHO, NCQA, NACHA.

Preferred Qualifications:

CISSP or CISA certification is highly preferred. Experience with ServiceNow. Microsoft Azure. Experience with automation (e.g., PowerShell, Python). Experience with Databricks Security. Experience with Microsoft Intune. Experience with Microsoft PKI. Experience with Email Security Gateways.

Hours/Location:

M-F; Days (afterhours / weekends as needed) On-call Rotation  Position may work remotely but will prefer local/regional candidates for occasional onsite needs.

Accountabilities:

Collaborating with vendors to implement and support DLP technology, including troubleshooting and upgrading. Maintaining DLP technology, configuring policies, and compiling reports for analytics. Monitoring and responding to alerts generated from DLP systems and other technologies. Collaborating on the DLP rule development lifecycle including policy development, response rules, and maintenance. Promotes and implements IT’s security program to ensure the confidentiality, integrity and availability of HealthPartners’ network and infrastructure. Monitors security event reports and actions; ensuring the appropriate response is performed and coordinated. Provides IT security control guidance and interpretation to IT Application, IT Technical Infrastructure, and HealthPartners’ staff and management. Provides security consultation on small to midsize projects. Updates Security Program documentation and recommends changes to the infrastructure to the Security Architect. Promotes and educates staff on security principles and HealthPartners’ policy and process. Assists with the coordination and development of system security enhancements. May coordinate changes to the security infrastructure; ensuring change management processes are followed and the appropriate documentation is gathered. Assesses and documents security deviation requests to ensure the appropriate risk, impact, and approvals are captured. Assess third party alignment to HealthPartners’ Security Standards Gathers documentation and provides subject matter expertise for audit, regulatory requirements, and third parties. Maintains awareness of the latest developments in key areas of responsibility and presents opportunities that might benefit the organization.