• Incident Management: Lead the technical response to complex security incidents (Ransomware, APTs, Insider Threats), from detection through post-incident lessons learned (Post-Mortem). • Threat Hunting: Perform proactive threat hunting across the network and endpoints, driven by hypotheses informed by Threat Intelligence. • Digital Forensics: Collect and analyze digital artifacts (memory, disk, logs) to reconstruct the attack timeline. • Detection Engineering: Develop and tune correlation rules in the SIEM and detection signatures (YARA, Snort/Suricata). • Automation (SOAR): Build playbooks and scripts (Python/PowerShell) to automate responses to repetitive alerts. • Mentorship: Support the technical development of junior and mid-level analysts (N1/N2).

• Perform as the primary in the executing our annual Service Organization Controls (SOC) reporting initiatives, which includes several Bonterra products • Works closely with other members of the Information Security Risk team • Works closely with control owners across the company and internal and external auditors to ensure requests are completed in a timely manner as part of the overall project management process • Performs technical risk assessments of third party suppliers' security and privacy controls • Maintains register of relevant suppliers/vendors, controls, and risks for ongoing vendor risk management activities • Will be responsible the play book for reporting of high risk events that involve compliance, risk and information security • Assists in maintaining our overall security awareness, role based security trainings and phishing simulation programs across the enterprise • Assists in conducting user activity audits where required

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description US Anesthesia Partners is seeking an Access Control Specialist who is responsible for managing user access across enterprise systems, ensuring compliance with internal security policies and external regulatory requirements. This role plays a critical part in safeguarding sensitive data by overseeing provisioning, deprovisioning, and access reviews, while maintaining detailed documentation for audit readiness. Qualifications - High school diploma. - Minimum 3 years of experience with access reviews, audit preparation, and compliance reporting. - Strong understanding of identity lifecycle management and access control best practices. - Ability to manage and protect sensitive information with discretion and accuracy. - Strong organizational and documentation skills including high attention to detail. - Proficient in using Excel, Microsoft Entra ID and access tracking tools. - Excellent verbal and written communication skills. - Proficient in managing and navigating insurance/payer portals for administrative tasks. - Identity & Access Management (IAM): Microsoft Entra ID, Active Directory. - Ticketing Systems: ServiceNow, FreshService. - Productivity Tools: Microsoft Excel, Power BI, SharePoint, SmartSheet. Requirements - Processes user access requests, including provisioning, deprovisioning, and modifications, based on control policies and employee status. - Identifies and resolves access issues, ensuring alignment with security policies and regulatory standards. - Monitors and responds to Workday notifications regarding employee terminations, transfers, and role changes; promptly revokes or adjusts access as needed. - Conducts regular access reviews to validate appropriate user access and remove outdated access. - Collaborates with HR, IT, and department leadership to support onboarding, offboarding, and internal transfers. - Maintains detailed documentation to ensure all changes are accurately recorded and auditable. - Participates in internal and external audits by providing access control evidence and responding to inquiries. - Supports automation initiatives related to access provisioning and deprovisioning using tools like Power Automate or ServiceNow workflows. Benefits - Occasional Standing. - Occasional Walking. - Frequent Sitting. - Frequent hand, finger movement. - Use office equipment (in office or remote). - Communicate verbally and in writing.

• Track emerging threats and assess relevance to AWS environment • Triage external and internal inputs and drive validation and investigation • Translate threat intelligence into actions: containment guidance and prioritized remediation • Lead and execute high-severity security incidents across AWS and endpoints • Drive incidents from initial signal through containment and recovery • Reconstruct attacker activity and produce clear incident documentation • Investigate AWS incidents and lead investigations involving common AWS compromise patterns • Improve detection coverage and partner with detection engineering • Build and maintain investigation and response automation using SOAR tools