Sutter Health Information Security Analyst, 3 - AntiVirus and Internet Filtering in Mather, California


Senior analyst to work in the Security Operations team, providing the highest level of security consultancy and operational support for Windows based security products and tools.

The role is based around operational stability and development of a large environment of 5K+ Microsoft Windows servers and 60K+ Microsoft Windows desktops including a large virtual environment.

The Security Operations group provides a stable, yet agile and dynamic infrastructure platform to support the business functional requirements while managing associated risks.

The role is suited to an experienced Senior Anti-Virus, both traditional and Next Gen, Administrator or Engineer with a proven understanding in enterprise platform security, and experience in advanced scripting or tooling development. Will also act as backup on Internet Filtering (Websense, Forcepoint, BlueCoat, etc.) HealthCare Industry experience a plus.


Relevant work experience as an IT Security Analyst or related field as typically acquired in 6 to 8 years. Three to five (3 to 5) years of healthcare information technology industry experience preferred.

CISSP certification desired.

The Core Responsibilities of this Role Include:

• AntiVirus

o Candidate should have expert knowledge of Trend Micro, traditional A/V, and Cylance, NextGen A/V.

o Design, implement and maintain enterprise Trend Micro/Cylance Anti-Virus solution, including Trend’s Deep Security and Scanning for Storage

o Configure Trend Micro/Cylance AV policies on the server and apply it onto every type of clients.

o Assist in the creation of installation packages for every type of client and server machines.

o Configure and maintain update process.

o Checking regular synchronization and monitoring to ensure signatures are updated.

o Partner with other teams to deploy and Trend Micro/Cylance AV clients on all servers & workstations.

o Troubleshoot all issues related to signature downloading or updating

o Troubleshoot and provide input to the Incident Response team on all issues relating to virus infections/prevention.

• Internet Filtering (below are optimal skills, but internet filtering will not be primary duties)

o Prior internet filtering administration including:

 Configuring policies

 Performing upgrades/patching

 Troubleshooting user access issues

 Creating exceptions

 Integration with other tools including Splunk and Data Loss Prevention

o Expert level experience with proxy technology including:

 PAC files

 Load balancers

 HTTP, HTTPS and FTP protocols

 SSL Decryption and certificate management

o Understanding of Active Directory/LDAP structure and authentication methods (NTLM, IWA).

o Strong networking background (Switching, routing and DNS).

• Proficient in command line Linux administration.

• Knowledge of security best practices and procedures.

• Understanding of virtualization technology (VMWare and XEN).

• Hands on experience with Windows Server 2008/2012.

• Experience with Microsoft SQL Server database configuration and management.

• Ability to conduct research into IT security issues and products as required.

• The ability to interpret and prioritize technical issues and provide thorough and complete support.

• Ability to work in a fast-paced environment with multiple projects under tight deadlines with a can-do attitude.

• Ability to articulate technical issues in a meaningful way to both team and executive level management.

• Must be a team player and build good working relationships across all functions. (networking, database, desktop, DLP, etc.).

• Undertake problem ownership.

• Manage vendor relationship and work to ensure timely resolution to enterprise platform issues.

• Participate in On Call rotation with other team members providing coverage 24x7.

• Provide consultancy services to other IT teams.

• Provide architecture assurance on security platform initiatives.

• Maintain security infrastructure, providing stability by following and using the tools, policies, processes and procedures available.

• Provide a secure environment, managing and mitigating risks.

• Provide reporting and metrics.

• Resolve Incidents and/or outages impacting services provided by the team.

• Create, review, maintain and update documentation.

• Work with colleagues to provide consistent processes and procedures and provide innovative ideas.

• Escalate and liaise with additional internal/external groups when required, resulting in satisfactory resolution.

• Active & Constructive participation within and amongst teams and colleagues.

• Regularly re-evaluate processes and procedures and Instigate service improvement initiatives.

• Provide Input into Business Continuity Planning and Practices.

Bachelor’s degree required or equivalent combination of education and relevant work experience. CISSP desired. Master’s desired.

Primary Location: California, Greater Sacramento Area, Mather

Organization: Sutter Health Information Services

Employee Status: Regular

Benefits: Yes

Position Status: Non-Exempt

Union: No

Job Shift: Day

Shift Hours: 8 Hour Shift

Days of the Week Scheduled: Monday-Friday

Weekend Requirements: Other

Schedule: Full Time

Hrs Per 2wk Pay Period: 80

All qualified applicants will receive consideration for employment without regard to race, color, creed, religion, marital status, sexual orientation, registered domestic partner status, sex, gender, gender identity or expression, ancestry, national origin (including possession of a driver's license issued to individuals who did not present proof of authorized presence in the U.S.), age, medical condition, physical or mental disability, military or protected veteran status, political affiliation, pregnancy or perceived pregnancy, childbirth, breastfeeding or related medical condition, genetic information or any other characteristic made unlawful by local, state, or federal law, ordinance or regulation. External hires must pass a background check/drug screening. Qualified applicants with arrest and/or conviction records will be considered for employment in a manner consistent with Federal, state, and local laws, including but not limited to the San Francisco Fair Chance Ordinance.