Health Net, Inc. is a publicly traded managed care organization that delivers managed health care services through health plans and government-sponsored managed care plans. Its mission is to help people be healthy, secure and comfortable. The company provides health benefits to approximately 6.0 million individuals across the country through group, individual, Medicare (including the Medicare prescription drug benefit commonly referred to as "Part D"), Medicaid, Department of Defense, including TRICARE, and Veterans Affairs programs. Health Net's behavioral health services subsidiary, Managed Health Network, Inc., provides behavioral health, substance abuse and employee assistance programs to approximately 5.4 million individuals, including Health Net's own health plan members. The company's subsidiaries also offer managed health care products related to prescription drugs, and offer managed health care product coordination for multi-region employers and administrative services for medical groups and self-funded benefits programs.
For more information on Health Net, Inc., please visit the company's website at
Under the direction of Information Security management is responsible for contributing to the development, maintenance and implementation of the corporate-wide Information Security Policy and Program. This position requires security analysis, monitoring, and implementation of security project safeguards, processes or procedures. Specializes in one or more areas in analyzing security risks, recommending and implementing security safeguards, and monitoring compliance to security laws and regulations. Interacts with technical and business personnel to meet business requirements in a secure manner.
The Senior Information Security Analyst will be part of a 24x7 on-call rotation for Incident Response.
ESSENTIAL DUTIES AND RESPONSIBILITIES:
- Guides and mentors Information Security Analysts.
- Recommends, maintains and implements information security policies, standards, guidelines and procedures to ensure compliance with Information Protection program.
- Recommends, maintains and implements security awareness to assist the education and training of employees regarding information security issues, policies, standards and guidelines.
- Acts a lead for Information Security risk assessments and recommends appropriate and cost effective controls to address identified security-related risks.
- Implements complex security project tasks including implementing components of the Information Protection program.
- Provides assistance to Internal Audit and other departments regarding information security issues and controls.
- Assists with and reports on the investigation of complex information security-related incidents including fraud, misuse, and abuse.
- Monitors and responds to security events in security audit logs.
- Maintains and implements security measurement criteria to monitor compliance to policies and standards.
Evaluates third party products and services to verify that they meet security standards.
- Monitors and guides security administrators and liaisons regarding their compliance to standards.
- Provides a leadership role in the development and implementation of consistent application and infrastructure security programs.
- Provides a leadership role in the development and implementation of consistent user account security.
- Performs other duties as requested.
College Degree in Computer Science or Information Security or equivalent work experience preferred
Must have a current CISSP certification.
National Agency Check (NAC) background clearance required
Knowledge, Skills & Abilities:
- Minimum five years experience in Information Technology and/or networks
- Minimum three years experience in Information Security related positions
- Minimum one year supervisory or team lead experience
- Excellent oral and written communication skills are required
- Knowledge of how security technologies, processes and controls fit into both the Information Services and corporate business environment, as well as experience with one or more security technologies and/or Operating Systems (e.g., Windows, Unix, VMS, Active Directory, DNS, RACF, CISCO, CITRIX, etc)
- Requires some systems analysis or programming and organizational skills
- Requires interpersonal skills to interface with clients, security liaisons and administrators in determining security controls to be implemented
- Project Management knowledge is preferred.
The following section describes the general physical requirements for this position. Please note that 'constant' refers to more than 81% of time; 'significant' refers to 40-80%; and 'moderate' refers to 20-40% of the time.
- Operates personal computers, printers, facsimile, telephones, copy machines and other commonly used office accessories/equipment.
- Exposed to confidential information and expected to maintain confidentiality at all times; must adhere to HIPAA rules and regulations.
- May be required to work outside of normally scheduled hours as mandated by the client, project and/or workload (e.g. evenings, weekends, and/or holidays).
- May be required to maintain established work pace, meet deadlines; may have last minute urgent requests.
- Physical activity may include: twisting, reaching, kneeling, bending, stooping, squatting, crawling, grasping, grabbing, pushing, pulling, repetitive motion, climbing, etc.
- Required to have visual acuity to determine the accuracy, neatness, and thoroughness of the work assigned.
- Required to have hearing ability to receive detailed information through oral communication.
- Required to have speaking ability to express or exchange ideas.
- Computer usage including constant typing and/or eye strain.
- Moderate repetitive arm, wrist, hand and finger motions -- making repetitive movements (e.g. key boarding, filing, data entry).
- Moderate phone usage; headsets may be required.
- Constant sedentary work (desk bound or seated).
- Constant reading is required via computer screen and/or bound printed materials.
- Constant concentration may be required on various subjects by listening, reading and thinking clearly.
- Constant interaction with others may be required. May need to listen, think, and speak in order to interact with others. Business interactions and behavior between coworkers and/or external customers are required. This may require face-to-face or telephone interactions.
- Constant thinking at work may include listening, learning, analyzing, evaluating, and the ability to interpret what is seen and/or heard, or to link information from one or several things to the next.
Any combination of academic education, professional training or work experience, which demonstrates the ability to perfom the duties of the position.
As a government contractor, this position requires U. S. citizenship and proof of favorable adjudication following submission of Department of Defense form SF86 or higher security
Health Net, Inc. supports a drug-free work environment and requires pre-employment background and drug screening.
Health Net and its subsidiaries are an Equal opportunity/Affirmative Action Employer M/F/V/D.