Information Security Analyst

About The Position

Requirements

• 1+ years of experience in a technical or IT-related role.
• Strong understanding of operating systems (Windows, Linux, MacOS).
• Familiarity with network concepts such as TCP/IP, firewalls, VPNs, and IDS/IPS.
• Basic knowledge of security principles, including access controls and encryption.
• Hands-on experience with troubleshooting hardware and software issues.
• Exposure to basic scripting or programming languages (e.g., Python, PowerShell, Bash).
• Familiarity with ticketing systems and IT service management tools.
• Ability to effectively communicate technical concepts to non-technical stakeholders.
• Strong analytical and problem-solving skills.
• Enthusiasm for learning and staying current in the field of cybersecurity.

Nice To Haves

• Hands-on experience with cloud security labs (Azure, AWS, GCP) or platforms such as TryHackMe, HackTheBox, or similar.
• Familiarity with healthcare-specific compliance frameworks such as HITRUST or HIPAA.
• Experience with security tools such as SIEMs, vulnerability scanners, and endpoint detection and response platforms.
• Knowledge of common attack vectors, malware analysis, and incident response procedures.
• Understanding of encryption technologies and secure coding practices.
• Certifications such as CompTIA Security+ or equivalent.
• Practical experience with cloud platforms (Azure, AWS, GCP) and their security configurations.
• Understanding of security frameworks such as MITRE ATT&CK and OWASP Top 10.
• Hands-on experience with penetration testing tools (e.g., Metasploit, Burp Suite, Nessus).
• Demonstrated ability to automate tasks using scripting or tools.
• Experience with forensic analysis and recovery procedures.
• Familiarity with DevSecOps practices and CI/CD pipeline security.
• Passion for cybersecurity with participation in Capture the Flag (CTF) competitions or other practical challenges.
• Involvement in cybersecurity communities or forums.
• Ability to write detailed and clear documentation for both technical and non-technical audiences.

Responsibilities

• Monitor and respond to security alerts and incidents to ensure the confidentiality, integrity, and availability of information systems.
• Conduct vulnerability assessments and support remediation efforts.
• Assist with the implementation and maintenance of security controls and processes.
• Collaborate with IT teams to ensure secure configurations of hardware and software.
• Perform regular log analysis and threat hunting to identify potential risks or anomalies.
• Support the development and enforcement of security policies, procedures, and standards.
• Assist in the evaluation and selection of security tools and technologies.
• Conduct employee security awareness training sessions and campaigns.
• Ensure compliance with healthcare regulations and standards, such as HITRUST.
• Document security incidents, findings, and recommendations.
• Research emerging threats and vulnerabilities to enhance organizational security posture.
• Participate in audits and assessments to identify areas for improvement.
• Improve and maintain disaster recovery and incident response plans.
• Liaise with third-party vendors and service providers to ensure adherence to security standards.
• Perform regular risk assessments and propose mitigation strategies.