Public Partnerships LLC supports individuals with disabilities or chronic illnesses and aging adults, to remain in their homes and communities and “self-direct” their own long-term home care. Our role as the nation’s largest and most experienced Financial Management Service provider is to assist those eligible Medicaid recipients to choose and pay for their own support workers and services within their state-approved personalized budget. We are appointed by states and managed healthcare organizations to better serve more of their residents and members requiring long-term care and ensure the efficient use of taxpayer funded services.

Our culture attracts and rewards people who are results-oriented and strive to exceed customer expectations. We desire motivated candidates who are excited to join our fast-paced, entrepreneurial environment, and who want to make a difference in helping transform the lives of the consumers we serve. (learn more at www.publicpartnerships.com ).

Watch the " What We Do " video on our website: https://www.publicpartnerships.com/about-us/#

Duties & Responsibilities:

• Reporting to the Director of Cybersecurity, the Cybersecurity Analyst is responsible for the operational and technical tasks of the PPL cybersecurity and security risk management program.

• Oversee the day-to-day technical services of the company's cybersecurity platforms, services, and deliverables.

• Represents information security in meetings convened to evaluate new applications and software-as-a-service offerings and evaluates other IT purchases to ensure they meet security and compliance requirements.

• Monitors and validates system and service compliance with information security procedures and policies to ensure consistency of internal controls across departments.

• Maintains up-to-date knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors.

• Serves as a member of the cybersecurity incident response team.

• Develops and executes a cybersecurity awareness training program.

• Works with IS and stakeholders to assess IT risk and recommend information security controls to minimize risk.

• Assists in the development and maintenance of information security policies and procedures.

• Conducts risk assessments of information systems.

• Investigates and follows through on IT security incidents in a geographically distributed environment, considering all relevant technical and non-technical stakeholders during all phases of the incident.

• Analyzes reports about potential / suspected incidents, collects and analyzes technical incident information and log data, investigate, generate reports, and ensure progress on incident tickets.

• Investigates SIEM alerts / events for relevance, severity, and impact and escalates incidents for further investigation or remediation.

• Provides input and guidance for developing and updating runbooks and detection rules.

• Other duties as assigned.

Required Skills:

• Demonstrated knowledge of information security principles and best practices.

• Demonstrated knowledge of social engineering techniques and other information security threats required.

• At least 5+ years of relevant work experience in at least one of the following areas: Cybersecurity operations, Incident Response, Threat Intelligence, Threat Hunting and Digital Forensics.

• Technical system expertise (e.g., gathered from being an IT Administrator) with relevant exposure and expertise in IT Security, in several of the following technologies: Linux and Windows operating systems, web-technologies (encryption, HTTP, REST), networking, cloud environments.

• General knowledge of on-premises, cloud, and mobile computing environments (e.g., Microsoft Windows, Apple Macintosh, Linux, AWS, Azure, Google), scripting languages, and security best practices.

• Working knowledge and demonstrated ability to perform risk assessments, risk impact analysis, mitigating and compensating control recommendations as applied to information security.

• Experience in the following technologies - SIEMs, WAFs, IDS/IPS, anti-malware, EDR, SOAR, secure cloud access, vulnerability scanning platforms, DLP, private cloud, and open-source security frameworks.

• Experience presenting analytic conclusions and research to both technical and non-technical audiences through briefings, emails, etc.

• Experience with Contributing to risk assessments and mitigation strategies for identified threats.

• Familiarity with automation and CI/CD pipeline using various tools like GitHub, Bitbucket, etc.

• General knowledge and demonstrated ability to perform vendor vulnerability and security governance assessments.

• Demonstrated ability to develop, maintain, and execute a cybersecurity awareness program.

• Ability to use discretion when handling confidential information.

• Demonstrated analytical and problem-solving abilities.

Qualifications:

• Bachelor's degree in Information Systems, Computer Science, or related field preferred; combination of equivalent experience and education will be considered.

• Certified Information Systems Security Professional (CISSP), Security+, or other security certifications preferred.

• 4-6 years information security experience required.

• 1-2 years networking experience required.

• 1-2 years Windows and/or Linux server administration experience required.

• 1-2 years of project management experience preferred.

Certification: Azure Security Engineer Associate, CISSP

Compensation & Benefits:

• 401k Retirement Plan

• Medical, Dental and Vision insurance on first day of employment

• Generous Paid Time Off

• Tuition Reimbursement Program

• Employee Assistance Program and more!

• The base pay listed may vary depending on skills, experience, job-related knowledge, and location. Certain positions may also be eligible for a performance-based incentive as part of total compensation.

Public Partnerships is an Equal Opportunity Employer dedicated to celebrating diversity and intentionally creating a culture of inclusion. We believe that we work best when our employees feel empowered and accepted, and that starts by honoring each of our unique life experiences. At PPL, all aspects of employment regarding recruitment, hiring, training, promotion, compensation, benefits, transfers, layoffs, return from layoff, company-sponsored training, education, and social and recreational programs are based on merit, business needs, job requirements, and individual qualifications. We do not discriminate on the basis of race, color, religion or belief, national, social, or ethnic origin, sex, gender identity and/or expression, age, physical, mental, or sensory disability, sexual orientation, marital, civil union, or domestic partnership status, past or present military service, citizenship status, family medical history or genetic information, family or parental status, or any other status protected under federal, state, or local law. PPL will not tolerate discrimination or harassment based on any of these characteristics.

PPL does not discriminate based on race, color, religion, or belief, national, social, or ethnic origin, sex, gender identity and/or expression, age, physical, mental, or sensory disability, sexual orientation, marital, civil union, or domestic partnership status, protected veteran status, citizenship status, family medical history or genetic information, family or parental status, or any other status protected under federal, state, or local law.