Security Analyst - IS-Security

Minimum Qualifications:

Bachelor's degree and one year of IT or security experience.  An equivalent combination of education and experience relevant to the role may be considered for this position.

Preferred Qualifications:

• Five (5) years of cybersecurity experience.
• Familiarity with healthcare regulations (HIPAA, HITECH, HITRUST).
• Knowledge of NIST cybersecurity standards and risk management frameworks.
• An industry recognized cyber security certification (Security +, CEH, GSEC, CySa+).

Job Summary:

The Security Analyst on the Governance, Risk, and Compliance (GRC) team plays a critical role in safeguarding sensitive information resources and data, ensuring organizational compliance with industry regulations. This position supports the development, implementation, and monitoring of security policies, risk management processes, and compliance frameworks such as HIPAA, TAC 202, UTS 165, and NIST cybersecurity standards.

Job Duties;

• Support Information Security initiatives, projects, and compliance requirements.
• Assisting legal and compliance with litigation holds and requests for information notifications.
• Assist with audits and assessments by gathering evidence and documentation.
• Contribute to risk identification, assessment, register updates, and remediation tracking.
• Prepare and deliver reports on compliance posture, audit findings, and risk metrics for governance activities.
• Provide technical support for security tools, standards, monitoring, and incident investigation procedures.
• Maintain documentation and track incidents, service requests, and exceptions.
• Support the development and implementation of security awareness training programs.
• Assist with investigations into data theft, system abuse, and violations of security/privacy policies.
• Collaborate with team members and senior analysts to ensure timely resolution and reporting.
• Adheres to internal controls and reporting structure.
• Performs related duties as required.

Knowledge/Skills/Abilities:

• Ability to identify risks, gaps, and compliance issues.
• Strong attention to detail in documentation and reporting.
• Clear writing for policies, reports, and audit documentation.
• Maintaining accurate records and compliance documentation.
• Ability to explain compliance requirements to non-technical staff.
• Presentation skills and public speaking.
• Knowledge of information technology and information security fundamentals.

Salary Range:

Actual salary commensurate with experience.

Work Schedule:

Partial Remote to be determined by the Department.  Monday through Friday, 8 am to 5 pm, and as needed on occasion.