Job description

Evolent Health Security Analyst III Evolent partners with health plans and providers to achieve better outcomes for people with most complex and costly health conditions. We seek to connect the pieces of fragmented health care system and ensure people get the same level of care and compassion we would want for our loved ones. Evolent employees enjoy work/life balance, the flexibility to suit their work to their lives, and autonomy they need to get things done. We believe that people do their best work when they're supported to live their best lives, and when they feel welcome to bring their whole selves to work. That's one reason why diversity and inclusion are core to our business. Join Evolent for the mission. Stay for the culture. What You'll Be Doing: We are seeking dedicated professionals who are committed to reducing risk within our Information Security team. This is a challenging opportunity for a Security Analyst III, who will play a key role in supporting the overall security and vulnerability management program and ensuring the security of Evolent's systems and assets. Responsibilities include: • Assist in managing the security, threat, and vulnerability management program, following established policies and processes. • Collaborate with stakeholders to identify gaps in processes and propose necessary enhancements. • Support the expansion of scanning coverage to ensure comprehensive risk assessment. • Assist in improving the security of Docker images, web applications, and other assets. Collaborate with stakeholders to coordinate scanning and remediation efforts. • Conduct health checks for security management tools and reconcile asset information. • Contribute to the development and maintenance of metrics and key performance indicators (KPIs) for security management. • Participate in meetings with stakeholders to address open issues and vulnerabilities and reduce risk. • Review vulnerabilities based on threat intelligence and prioritize remediation efforts accordingly. • Foster effective collaboration with platform owners and application teams to raise awareness and address risks and vulnerabilities. • Collaborate with IT infrastructure partners on strategic and tactical plans. • Communicate with stakeholders to assess the impact and likelihood of loss events. • Generate reports and dashboards using security tools such as SIEM tools to present actionable insights. • Contribute to the creation of Standard Operating Procedures and Working Instructions for the security and vulnerability management process. Required Experience: • Bachelor's degree in Computer Security, Computer Science, or a related field. • 2+ years of experience in security and/or vulnerability management or a related field. • Familiarity with patch management processes. • Proficiency in configuring and troubleshooting Microsoft Windows and Linux-based environments. • Experience with OS patch management on MS Windows and Linux servers in virtualized environments. • Knowledge of security and vulnerability management principles acquired through education and practical experience. • Understanding of security and vulnerability ratings, criticality, and impact. • Eagerness to stay updated on new threats, tactics, and vulnerabilities and their associated risks. • Familiarity with a variety of security and vulnerability management tools like Tenable or Qualys is a plus. • Strong analytical and problem-solving skills. • Excellent written and verbal communication skills. • Ability to manage stakeholders effectively. • Certification such as CISSP, CISM, and CEH is preferred. To comply with HIPAA security standards (45 C.F.R. sec. 164.308 (a) (3)), identity verification may be required as part of the application process. This is collected for compliance and security purposes and only reviewed if an applicant advances to the final interview state. Reasonable accommodations are available upon request. Technical Requirements: We require that all employees have the following technical capability at their home: High speed internet over 10 Mbps and, specifically for all call center employees, the ability to plug in directly to the home internet router. These at-home technical requirements are subject to change with any scheduled re-opening of our office locations. Evolent is an equal opportunity employer and considers all qualified applicants equally without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran status, or disability status. If you need reasonable accommodation to access the information provided on this website, please contact recruiting@evolent.com for further assistance. The expected base salary/wage range for this position is $88,300 - 128,100. This position is also eligible for a bonus component that would be dependent on pre-defined performance factors. As part of our total compensation package, Evolent is proud to offer comprehensive benefits (including health insurance benefits) to qualifying employees. All compensation determinations are based on the skills and experience required for the position and commensurate with experience of selected individuals, which may vary above and below the stated amounts.

Requirements