The Cyber Security Analyst plays a critical role in maintaining and enhancing the security posture of ProgenyHealth's technology infrastructure. This entry-level position focuses on supporting the monitoring, administration, and continuous improvement of security measures to protect against threats and ensure compliance with healthcare regulations. The analyst will assist in various security initiatives, including conducting phishing simulations, responding to security incidents, researching vulnerability remediation, and supporting data loss prevention efforts. Additionally, the Security Analyst will collaborate with cross-functional teams to implement best practices, contribute to security awareness programs, and participate in risk mitigation to uphold the integrity and confidentiality of sensitive information. This role requires a proactive mindset, strong attention to detail, and the ability to adapt to the dynamic landscape of healthcare cybersecurity.
Responsibilities Include:
- Conduct phishing simulation exercises to test and enhance employee awareness, analyzing the results to inform future training and security strategies.
- Respond to reported phishing emails by performing initial triage, analyzing potential threats, and escalating incidents as necessary to ensure swift and effective action.
- Support the creation and implementation of security awareness training programs, educating staff on the latest threats, best practices, and compliance with organizational policies.
- Assist in managing the data loss prevention program by monitoring data flow, identifying potential risks, and ensuring sensitive information is protected from unauthorized access or misuse.
- Research emerging vulnerabilities and assess their potential impact on the organization, developing and proposing strategies for mitigation to strengthen overall security.
- Contribute to incident response efforts by assisting in investigations, containment actions, and remediation processes, collaborating closely with senior team members to enhance response capabilities.
- Engage in monitoring, detection, and response activities by reviewing security alerts and logs, identifying potential threats, and supporting timely response initiatives to mitigate risk.
- Maintain thorough documentation of security events, training sessions, and incident response actions to ensure compliance with industry regulations and support continuous process improvement.
- Collaborate with IT and security teams to integrate security best practices across all projects and assist with deploying new protective measures as needed to enhance the organization’s cybersecurity framework.
Qualifications:
- 0-2 years of relevant experience in cybersecurity or IT support, preferably with exposure to healthcare security standards.
- Internships or project experience related to cybersecurity and healthcare regulations (e.g., HIPAA, HITRUST) is required.
- A Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
- Relevant certifications (e.g., CompTIA Security+, Certified Ethical Hacker (CEH), GIAC Security Essentials (GSEC)) are advantageous.
- Basic understanding of network security principles and cybersecurity frameworks (e.g., NIST, HIPAA Security Rule).
- Familiarity with endpoint protection solutions, firewalls, intrusion detection/prevention systems (IDS/IPS), and SIEM platforms.
- Strong analytical and problem-solving skills to assess and respond to security incidents effectively.
- Excellent communication skills to articulate security concepts and collaborate with cross-functional teams.
- High attention to detail and the ability to document security events and actions comprehensively.
- Team-oriented with the capability to work collaboratively and independently as needed.
- Understanding of compliance requirements specific to healthcare, such as HIPAA, and the ability to work with policies and procedures to maintain adherence.
- Willingness to participate in ongoing training and professional development to stay updated on evolving cybersecurity threats and technologies.
Company Benefits
Some of the benefits we offer our team are:
- Paid Time Off
- Paid Parental Leave
- Medical, dental, vision benefits
- 401K with company match
- Short- and Long-Term Disability
- Group Life Insurance
- Tuition reimbursement
- Professional development opportunities
- Business Casual work environment