Information Security Analyst

About The Position

Requirements

• Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field
• A minimum of eight years of professional-level information technology experience, which included a minimum of three years of experience performing information security functions in a health care environment (a Master’s degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying
• Knowledge of: HIPAA and FISCAM security guidelines
• Knowledge of: Computer network penetration testing
• Knowledge of: Security frameworks, such as NIST, ISO 27001, and COBIT
• Knowledge of: Firewalls, proxies, SIEM, antivirus, and IDPS concepts
• Knowledge of: Security systems, operating systems, and virtualization
• Ability to: Identify, mitigate and educate staff regarding the avoidance of network vulnerabilities
• Ability to: Write clearly, concisely and precisely and convey information to the intended audience in a manner that is easily understood
• Ability to: Interpret and synthesize a wide range of information from a variety of sources and translate complex information and concepts into clear, succinct documentation
• Ability to: Develop training materials and conduct staff training
• Ability to: Demonstrate strong analytical and problem-solving skills, define issues, conduct research, and analyze and interpret data

Nice To Haves

• Brings a broad foundation across multiple areas of information security, including network security, endpoint protection, identity and access management, and cloud security, in a healthcare environment
• Demonstrates strong knowledge of security frameworks (e.g., NIST, ISO 27001, CIS Controls) and regulatory requirements (e.g., HIPAA, PCI-DSS, GDPR)
• Skilled in monitoring, analyzing, and responding to security incidents using SIEM tools and other detection technologies
• Able to perform vulnerability assessments, interpret findings, and recommend practical remediation steps
• Comfortable with both proactive (risk assessments, audits, security awareness training) and reactive (incident response, forensic analysis) security functions
• Effective communicator who can explain technical risks and solutions to both technical teams and non-technical stakeholders
• Strong problem-solving mindset and attention to detail; able to anticipate threats and implement preventive measures
• Demonstrated ability to collaborate across IT, compliance, and business units to align security with organizational goals
• Keeps current with emerging cyber threats, trends, and best practices
• CISSP or CISM a plus

Responsibilities

• Performs analysis of Alliance information security practices to ensure alignment with industry standards and guidelines
• Identifies, investigates, and resolves security breaches detected by Alliance security solutions
• Participates in the creation and maintenance of policies, standards, guidelines, and procedures related to information security
• Leads and performs staff training on information security and security breach prevention

Benefits

• Medical, Dental and Vision Plans
• Ample Paid Time Off
• 12 Paid Holidays per year
• 401(a) Retirement Plan
• 457 Deferred Compensation Plan
• Robust Health and Wellness Program
• Onsite EV Charging Stations