Job Location: Gurugram
About Milliman’s MedInsight Team
The Milliman MedInsight practice has assisted many healthcare organizations in evaluating and developing solutions to complex business problems. Our consultants are experienced in the key issues related to healthcare operations and the use of technology to support those operations. Because of our focus on those unique technology and operations issues facing the healthcare industry, we are uniquely qualified to assist organizations in solving complex business problems. Our Health IT software team has been developing and selling data warehousing solutions for over twelve years.
Milliman is among the world’s largest providers of actuarial and related products and services. The firm has consulting practices in healthcare, property & casualty insurance, life insurance and financial services, and employee benefits. Founded in 1947, Milliman is an independent firm with offices in major cities around the globe.
This position is a Security Analyst who principally supports the operational security of MedInsight and its web-based applications. This position will perform log reviews through our SIEM, triage alarms, escalate events, and assist in the incident management process. The position will also review vulnerabilities and provide recommendations for remediation to the Information Technology team.
- Operational support for information security tool alerts, triaging, and maintenance
- Proactively monitor and investigate anomalies identified by log analysis and reporting tools.
- Use log management tools to monitor and research activity
- Execute on information security activities such as vulnerability management, application development security, business continuity, networking, risk management, etc.
- Perform first level incidence response and computer forensics activities
- Research security trends, new methods, and techniques used to preemptively eliminate the possibility of system breach
- Assist with investigation of incidents and document findings
- Perform data analysis to identify evidence of malicious activity
- Collaborate with IT department and Business colleagues to address security concerns
- 1 – 3 years of experience
- Excellent time management and communication skills
- Ability to join periodic Microsoft Teams meetings with US based team
- Occasional response to off-hour events identified by our security monitoring service
- Strong ability to research technical challenges and learn quickly to provide security guidance
- Demonstrated ability of analytical expertise, close attention to details, critical thinking, logic, and solution oriented
- Ability to read, analyze and interpret technical information and explain in detail
- Ability to communicate effectively with team both orally and in writing
- Familiarity with log management, log monitoring and concepts for vulnerability management
- Ability to work successfully in both Linux and Windows environments
- Basic experience with Microsoft Office
- Understand the basics of Internet protocols
- Shell scripting or similar experience
- Comfortable following procedures/runbooks
Good to have skills:
- Global Information Assurance Certification (e.g., GCIH; GCIA)
- Vendor credentials offered by companies such as Microsoft, or Cisco
- Familiarity with US regulatory frameworks (e.g., NIST 800-53; HIPAA)
- Familiarity with SQL, Kusto, and Lucene queries
- Familiarity with compliance regulations (e.g., FERPA, HIPAA)