Information Security Analyst - Remote

Panoramic Health

Come Join our team!!

The Security Analyst will play a critical role in supporting Panoramic Health’s information security function. The role is critical in supporting the Director of Information Security in safeguarding the confidentiality, integrity, and availability of our organization’s information assets and technology products. The analyst will assist in executing on defined strategies, mitigating discovered risks, and assisting with scheduled activities needed to maintain and improve the security program.

Duties and Responsibilities

• Utilize SIEM and similar tools for security monitoring, incident response, and threat detection. Develop and maintain security dashboards and alerts.
• Continuously review security configurations, recommend improvements, and ensure that findings are addressed in a timely manner.
• Respond to and escalate incidents as appropriate. Develop and maintain incident response playbooks, ensuring a structured and efficient response to security incidents. Participate in or lead incident response tabletop exercises.
• Leverage scripting languages and query tools for automation, reporting, and data analysis.
• Maintain software allow/block lists and ensure available patches are applied timely.
• Ensure asset inventories are current and accurate.
• Manage and support the security of email environments, utilizing an understanding of phishing techniques to assist in identifying, confirming, and neutralizing potential threats in quarantine or reported by users.
• Educate users through simulated phishing campaigns and user awareness training including developing content for newsletters, presentations, and role specific learning.
• Manage and monitor user directories, implement conditional access policies, and perform access and directory health reviews. Implement other least privilege practices and maintain data loss prevention strategies.
• Support compliance efforts with frameworks such as HIPAA, HITRUST, and PCI. Conduct third-party risk assessments, participate in assessments and evidence gathering, and ensure maintenance of and adherence to policies and procedures.
• Schedule or conduct and then manage remediation of findings from External and Internal Network and Application Penetration Tests and Vulnerability Scans.
• Assist in improving, testing, and verifying business continuity and disaster recovery plans including verification of backups and technical recovery procedures.
• Stay current with new security technologies and trends. Evaluate and recommend new tools and solutions to enhance the organization's security capabilities.
• Perform other duties and responsibilities as required, assigned or requested

Functional/Technical Skills and Abilities

• Excellent problem-solving skills and the ability to work under pressure.
• Experience with Security configuration and components in a cloud-based environment using Microsoft Azure, 365, Sentinel, Entra, and Defender.
• Experience with networking and firewall concepts.
• Experience with modern platforms for ticketing, training, endpoint, vulnerability, configuration, posture, and patch management, e.g., JIRA, Manage Engine, KnowBe4, Intune, CrowdStrike, Qualys, Tenable etc.
• HR Risk Rating Designation (TBD)

Education/Training and Certification, Licensure, Registration Requirements

• Relevant security certifications (e.g., CISSP, CISM, Azure Security Engineer) are a plus.

Experience

• At least four to six years of experience in a similar role focusing on security and compliance in Health Information Technology.

Environment and/or Physical Factors

• Prolonged periods sitting at a desk and working on a computer.
• Must be able to lift up to 15 pounds at a time.

Desired Qualifications

• Experience with security, compliance, and information technology in a healthcare environment.
• Comfort with and experience working directly to support end users.

The Company is committed to the principles of equal employment. We are committed to complying with all federal, state, and local laws providing equal employment opportunities, and all other employment laws and regulations. It is our intent to maintain a work environment which is free of harassment, discrimination, or retaliation because of age, race, color, national origin, ancestry, religion, sex, pregnancy (including childbirth, lactation and related medical conditions), physical or mental disability, genetic information (including testing and characteristics), veteran status, uniformed servicemember status, or any other status protected by federal, state, or local laws. The company is dedicated to the fulfillment of this policy in regard to all aspects of employment, including but not limited to recruiting, hiring, placement, transfer, training, promotion, rates of pay, and other compensation, termination, and all other terms, conditions, and privileges of employment

For information about our Privacy Policy, please visit here