Cyber Security Analyst

About the Role

We are seeking a Cyber Security Analyst to strengthen our security operations and compliance posture. Reporting into our Information Security Officer, you will play a key role in protecting sensitive data, ensuring regulatory compliance, and supporting the secure adoption of new technologies such as AI. You will work cross-functionally with IT, Engineering, Compliance, and HR to build and maintain secure, resilient processes across the organization.

Responsibilities

• Support secure access lifecycle processes, including provisioning, deprovisioning, role-based access, and MFA/SSO management
• Conduct periodic access reviews and ensure identity data quality
• Perform vulnerability scans across systems and applications, track remediation progress, and partner with teams to prioritize risk-based fixes
• Assist with security assessments of cloud systems and applications, aligning with HIPAA, HITECH, NIST, and HITRUST frameworks
• Support internal and external audit preparation and execution
• Enforce encryption, access controls, and data loss prevention strategies for sensitive data
• Conduct third-party vendor risk assessments and oversee remediation efforts
• Support secure adoption of AI tools by monitoring for risks such as data leakage and prompt injection, establishing governance guardrails, and delivering awareness training
• Participate in endpoint security monitoring, disaster recovery exercises, tabletop simulations, and awareness training initiatives
• Contribute to ongoing security operations, risk management efforts, and special security projects

Qualifications

• 3+ years of experience in IAM, IAM operations, or security analyst roles (healthcare technology or other regulated environments preferred)
• Hands-on experience with identity platforms such as Okta, Azure AD, or Google IdP, plus SCIM, SAML/OIDC/OAuth, directory services, group policy, and conditional access
• Experience with vulnerability management platforms (Tenable, Qualys, Rapid7, AWS Inspect, Kandji) and patch orchestration workflows
• Working knowledge of HIPAA, HITECH, NIST CSF/800-66, and CIS Controls (familiarity with HITRUST CSF is a plus)
• Knowledge of cloud security basics (AWS, Azure, GCP), least-privilege IAM, and networking fundamentals (TCP/IP, DNS, HTTP, VPN, segmentation)
• Familiarity with endpoint security solutions (CrowdStrike Falcon, Cynet, SentinelOne) and DLP tools
• Familiarity with GenAI, keeping up to date with innovative security programs and artificial intelligence systems
• Proactive communication and documentation skills, with the ability to collaborate across technical and non-technical teams globally

The US base salary range for this full-time position is $130,000.00 to $145,000.00. Salary ranges are determined by role and level. Compensation is determined by additional factors, including job-related skills, experience, and relevant education or training. Please note that the compensation details listed in US role postings reflect the salary only, and do not include equity or benefits.

#LI-DNP