• Monitor security alerts from SIEM, EDR, and other security tools during assigned shifts • Perform initial triage and classification of security events following established playbooks • Escalate confirmed incidents to senior analysts with appropriate documentation • Conduct basic threat intelligence research to support ongoing investigations • Assist with vulnerability scan execution and results analysis using Nessus • Support phishing email analysis and user security awareness activities • Document security incidents, actions taken, and lessons learned • Maintain security metrics dashboards and operational reports • Assist with access review campaigns and identity verification processes • Support security tool administration including rule tuning and false positive reduction • Participate in tabletop exercises and incident response drills • Contribute to security awareness training content and delivery

• Incident Management: Lead the technical response to complex security incidents (Ransomware, APTs, Insider Threats), from detection through post-incident lessons learned (Post-Mortem). • Threat Hunting: Perform proactive threat hunting across the network and endpoints, driven by hypotheses informed by Threat Intelligence. • Digital Forensics: Collect and analyze digital artifacts (memory, disk, logs) to reconstruct the attack timeline. • Detection Engineering: Develop and tune correlation rules in the SIEM and detection signatures (YARA, Snort/Suricata). • Automation (SOAR): Build playbooks and scripts (Python/PowerShell) to automate responses to repetitive alerts. • Mentorship: Support the technical development of junior and mid-level analysts (N1/N2).

• Perform as the primary in the executing our annual Service Organization Controls (SOC) reporting initiatives, which includes several Bonterra products • Works closely with other members of the Information Security Risk team • Works closely with control owners across the company and internal and external auditors to ensure requests are completed in a timely manner as part of the overall project management process • Performs technical risk assessments of third party suppliers' security and privacy controls • Maintains register of relevant suppliers/vendors, controls, and risks for ongoing vendor risk management activities • Will be responsible the play book for reporting of high risk events that involve compliance, risk and information security • Assists in maintaining our overall security awareness, role based security trainings and phishing simulation programs across the enterprise • Assists in conducting user activity audits where required

This description is a summary of our understanding of the job description. Click on 'Apply' button to find out more. Role Description US Anesthesia Partners is seeking an Access Control Specialist who is responsible for managing user access across enterprise systems, ensuring compliance with internal security policies and external regulatory requirements. This role plays a critical part in safeguarding sensitive data by overseeing provisioning, deprovisioning, and access reviews, while maintaining detailed documentation for audit readiness. Qualifications - High school diploma. - Minimum 3 years of experience with access reviews, audit preparation, and compliance reporting. - Strong understanding of identity lifecycle management and access control best practices. - Ability to manage and protect sensitive information with discretion and accuracy. - Strong organizational and documentation skills including high attention to detail. - Proficient in using Excel, Microsoft Entra ID and access tracking tools. - Excellent verbal and written communication skills. - Proficient in managing and navigating insurance/payer portals for administrative tasks. - Identity & Access Management (IAM): Microsoft Entra ID, Active Directory. - Ticketing Systems: ServiceNow, FreshService. - Productivity Tools: Microsoft Excel, Power BI, SharePoint, SmartSheet. Requirements - Processes user access requests, including provisioning, deprovisioning, and modifications, based on control policies and employee status. - Identifies and resolves access issues, ensuring alignment with security policies and regulatory standards. - Monitors and responds to Workday notifications regarding employee terminations, transfers, and role changes; promptly revokes or adjusts access as needed. - Conducts regular access reviews to validate appropriate user access and remove outdated access. - Collaborates with HR, IT, and department leadership to support onboarding, offboarding, and internal transfers. - Maintains detailed documentation to ensure all changes are accurately recorded and auditable. - Participates in internal and external audits by providing access control evidence and responding to inquiries. - Supports automation initiatives related to access provisioning and deprovisioning using tools like Power Automate or ServiceNow workflows. Benefits - Occasional Standing. - Occasional Walking. - Frequent Sitting. - Frequent hand, finger movement. - Use office equipment (in office or remote). - Communicate verbally and in writing.