Security Analyst
Spectrum Health & Human Services · Orchard Park, NY · 4 wk ago
On-siteInformation Technology$68k–$85k/yrFull-time
Major Duties and Responsibilities
- Monitor security alerts, logs, and events from systems such as SIEM, EDR, firewalls, email security, and vulnerability management tools.
- Investigate and respond to potential security incidents, escalating issues as appropriate.
- Support incident response activities, including documentation, evidence collection, root cause analysis, and remediation tracking.
- Aid in vulnerability scanning, risk assessment, patch validation, and security control testing.
- Help maintain compliance with HIPAA, HITECH, HITRUST, NIST, and internal security policies.
- Review access controls and support identity and access management processes.
- Partner with IT, compliance, legal, and clinical teams to identify and reduce security risks.
- Aid in developing and maintaining security policies, procedures, standards, and awareness materials.
- Support phishing investigations, security awareness campaigns, and user education efforts.
- Prepare reports and metrics related to threats, vulnerabilities, incidents, and compliance activities.
- Stay current on emerging cybersecurity threats, especially those affecting healthcare organizations.
Security Monitoring and Incident Response Tools
- SIEM platforms such as Splunk, Microsoft Sentinel, or QRadar;
- EDR/XDR tools such as CrowdStrike, Microsoft Defender for Endpoint, SentinelOne, or Carbon Black;
- IDS/IPS;
- SOAR workflows;
- case management or ticketing systems such as ServiceNow or Jira.
Network and Infrastructure Security
- Firewalls;
- VPNs;
- secure web gateways;
- DNS filtering;
- email security gateways;
- vulnerability scanners;
- endpoint hardening;
- Active Directory;
- Windows and Linux systems;
- basic TCP/IP, routing, and network troubleshooting.
Cloud and SaaS Security
- Azure, AWS, or Google Cloud security controls;
- Microsoft 365 security and compliance tools;
- identity providers;
- MFA;
- conditional access;
- cloud logging;
- secure configuration reviews.
Healthcare Security Environment
- HIPAA-regulated data;
- electronic health record platforms;
- clinical applications;
- medical device networks;
- third-party vendor access;
- protection of protected health information across clinical and administrative workflows.
Hands-on Security Operations
- alert triage;
- log analysis;
- phishing investigation;
- malware containment;
- account compromise investigation;
- vulnerability validation;
- threat hunting;
- evidence collection;
- remediation follow-up.
Core Competencies
- Hands-on threat detection and alert triage using SIEM, EDR/XDR, firewall, identity, endpoint, email, and cloud logs.
- Practical incident response experience, including containment, eradication, recovery coordination, root cause analysis, and post-incident documentation.
- Ability to investigate phishing, malware, suspicious authentication activity, data loss indicators, endpoint anomalies, and network-based threats.
- Working knowledge of vulnerability management, including scan review, risk prioritization, remediation tracking, patch validation, and exception documentation.
- Strong understanding of identity and access controls, including Active Directory, role-based access, privileged access, MFA, conditional access, and access reviews.
- Experience translating technical findings into clear risk statements, executive summaries, tickets, and remediation plans for IT, compliance, and clinical stakeholders.
- Ability to work independently during investigations while collaborating with infrastructure, application, compliance, privacy, and vendor teams.
- Sound judgment when handling protected health information, sensitive security data, and time-sensitive incidents in a regulated healthcare environment.
Education Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience.
Experience
- 3 - 5+ years of experience in cybersecurity, information security, IT risk, or security operations.
- Familiarity with security tools such as SIEM, EDR/XDR, vulnerability scanners, firewalls, IDS/IPS, ethical hacking techniques, and ticketing systems.
- 3- 5+ years of experience and understanding of cybersecurity concepts, including threat detection, incident response, vulnerability management, network security, and access control.
- Knowledge of HIPAA, healthcare privacy/security requirements, or other regulated environments.
- Strong analytical, troubleshooting, and documentation skills.
- Ability to communicate security risks clearly to technical and non-technical stakeholders.
Preferred Qualifications
- Experience working in a healthcare, clinical, and remote office environment.
- Familiarity with frameworks such as NIST CSF, NIST 800-53, ISO 27001, CIS Controls, or HITRUST.
- Certifications such as Security+, CySA+, SSCP, GSEC, CEH, and similar.
- Experience with cloud security concepts across AWS, Azure, or Google Cloud.
- Experience supporting audits, risk assessments, or third-party vendor security reviews.
- Familiarity with electronic health record systems, medical device security, or healthcare IT environments.
Compensation
$68,000- $85,000/ annually