San Francisco Health Plan

  • Senior Information Security Analyst

    Job Locations US-CA-San Francisco
    Job ID
    Information Technology Services
    Regular Full-Time
  • Overview

    The Senior Security Analyst performs several core functions for the enterprise. The first is the day-to-day operations of the in-place security solutions.  The second is the identification, investigation and resolution of potential security incidents detected by those systems. Tertiary tasks may include the implementation of new security solutions, leading or participating in the creation and or maintenance of policies, security metrics, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments. The Senior Security Analyst is expected to be fully aware of the enterprise’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.



    • Lead the planning and design of enterprise security architecture, under the direction of the ITS Security Team, Security Officer and CIO, where appropriate.
    • Lead the creation of enterprise security documents (policies, standards, baselines, guidelines and procedures) under the direction of the Security Officer, Chief Compliance Officer and CIO, where appropriate.
    • Develop and report key security metrics.
    • Participate in the planning and design of an enterprise Business Continuity Plan and Disaster Recovery Plan, under the direction of the Business Continuity and Disaster Recovery Teams, where appropriate.
    • Maintain up-to-date detailed knowledge of the IT security industry including awareness of new or revised security solutions, improved security processes and the development of new attacks and threat vectors.
    • Lead or manage technical system security audit efforts by working with SFHP Compliance Team members.
    • Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security.
    • Lead the deployment, integration and initial configuration of all new security solutions and of any enhancements to existing security solutions in accordance with standard best operating practices and in compliance with the enterprise’s security documents.
    • Ensure that up-to-date baselines for the secure configuration and operations of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.) are maintained.
    • Ensure that operational configurations of all in-place security solutions as per the established baselines are maintained.
    • Monitor all in-place security solutions for efficient and appropriate operations.
    • Review logs and reports of all in-place devices, whether they be under direct control (i.e., security tools) or not (i.e., workstations, servers, network devices, etc.). Interpret the implications of that activity and devise plans for appropriate resolution.
    • Participate in investigations into problematic activity.
    • Participate and or lead in the design and execution of vulnerability assessments, penetration tests and security audits.



    • Bachelor’s degree preferred and/or 4+ years of equivalent experience.
    • Extensive experience with Next Generation Firewall technologies, preferably Palo Alto Firewalls.
    • One or more of the following certifications:
      • CompTIA Security+
      • GIAC Information Security Fundamentals
      • Microsoft Certified Systems Administrator: Security
      • Associate of (ISC)2
    • Experience IDS/IPS and SIEM technologies.
    • Experience with and knowledge of Penetration Testing methodologies, tools and procedures.
    • Working technical knowledge of vulnerability and port scanning, data loss prevention, email gateways, Web Gateways, web proxies, URL filtering, anti-virus and other standard security monitoring/management tools.
    • Strong understanding of IP, TCP/IP, and other network administration protocols.
    • Strong understanding of Windows Operating Systems
    • Working knowledge of Active Directory and systems administration tasks




    Established in 1997, San Francisco Health Plan (SFHP) is a an award winning,  managed care health plan whose mission is to provide affordable health care coverage to the underserved low and moderate-income residents in San Francisco county. SFHP is chosen by eight out of every ten San Francisco Medi-Cal managed care enrollees and its 148,000+ members have access to a full spectrum of medical services including preventive care, specialty care, hospitalization, prescription drugs, and family planning services. SFHP was designed by and for the residents it serves, and takes great pride in its ability to accommodate a diverse population that includes young adults, seniors, and people with disabilities.


    San Francisco Health Plan is an Equal Opportunity Employer (EOE) M/F/D/V
    Pursuant to the San Francisco Fair Chance Ordinance, we will consider for employment qualified applicants with arrest and conviction records.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed