Security Analyst

Position: IT Security Analyst

We are seeking a skilled IT Security Analyst to serve as the process owner for all activities related to maintaining the availability, integrity, and confidentiality of member, provider, employee, and business information. This role will focus on developing incident investigation workflows for various security incidents and scenarios, documenting breaches, and explaining their root causes. A successful candidate will continuously stay ahead of cybersecurity threats by monitoring the latest industry trends and technologies. This is a collaborative role, working with a team to implement countermeasures based on thorough investigations and proactive research. We are looking for someone who is curious, creative, and passionate about security developments.

Roles and Responsibilities

• Anticipate security threats, generate alerts, incidents, and responses, and recommend controls to minimize their impact.
• Analyze security incidents and breaches, determining root causes and developing detailed documentation of security events.
• Prepare reports on security incidents and assess the damage caused by breaches.
• Recommend and help implement security tools and countermeasures.
• Create and maintain Incident Response Playbooks and Runbooks for various security incident scenarios.
• Perform threat hunting and anomaly detection to identify suspicious activities that require further investigation.
• Monitor and maintain security access systems, ensuring proactive responses to threats.
• Assist in managing network intrusion detection and prevention systems, recommending improvements where necessary.
• Contribute to training employees on security awareness and best practices.
• Investigate improper access, recommend actions, and enforce compliance with security protocols.
• Assist in establishing system controls and implementing security frameworks.
• Produce regular metrics on the state of security within the organization, particularly related to incident response and threat detection.
• Stay up to date with current cybersecurity knowledge by engaging in continuous education, reading professional publications, and participating in relevant networks and organizations.
• Research security enhancements and make recommendations for improving overall security posture.
• Assist in the management of annual penetration testing services.

Position Requirements

• Based in Nashville, TN.
• Bachelors degree in a related field.
• 3-7 years of experience in IT Security (e.g., Security Engineer, Incident Response, Pen Testing).
• 3-8 years of experience in a related IT field (e.g., Systems Engineer, Network Engineer, Systems Analyst).
• Relevant IT Security certifications (CISSP, etc.) are highly desirable.
• Familiarity with industry standards and regulations, including PCI, HIPAA, HITRUST, and others.
• Experience implementing security technologies such as IDS, IPS, EDR, Identity Management, and more.
• Preferred experience with information security in a healthcare environment.

Benefits

• Competitive salary with the opportunity to participate in a performance-based bonus program.
• Comprehensive medical, dental, vision, and life insurance.
• Flexible paid leave and vacation policy.
• 401(k) plan with matching contributions.