• Triage and investigate security alerts across endpoints, identity systems, cloud environments, and production workloads. • Support response efforts for a range of security investigations, including account compromise, endpoint activity, and suspicious behavior in cloud, CI/CD, or production systems. • Collect and analyze relevant data (e.g., logs, system activity) to help scope incidents, identify impacted systems, and track activity across environments. • Escalate higher-risk or unclear activity, and support senior team members in ongoing investigations. • Execute containment or remediation actions as directed, and document findings clearly throughout the investigation lifecycle. • Support vulnerability and posture management efforts by validating findings and helping track remediation activities.

Role Description HealthPartners is hiring a Principal Epic Security IT Analyst. This position leads the coordination of Epic access activities across modules, care delivery groups, and the HealthPartners system. This role ensures the effective deployment of Epic security management by: - Maintaining strong access controls - Conducting security reviews for application releases and upgrades - Supporting the integration of security standards across Epic modules In addition, this position provides guidance to IT Security Administration staff on Epic provisioning practices and is responsible for documenting and maintaining provisioning processes. The role is instrumental to the Security Administration team’s oversight and management of Epic, primarily working with the various Epic security teams across HealthPartners, including Epic Core. It serves as the primary subject matter expert for Epic security, facilitates Epic Liaison meetings, and promotes knowledge sharing across internal teams and stakeholders. This position reports to the Manager, IT Security Administration, and joins a collaborative team of fourteen professionals, including administrators and analysts, focused on safeguarding access and security across the Epic environment. Qualifications - Bachelor’s degree or equivalent combination of education and work experience - Eight (8) years of experience in application security administration - Current Epic Security Coordinator certification - Current Epic SER badge certification - Proven troubleshooting and analytical skills - Project coordination experience - Strong negotiation and arbitration skills - Effective communication skills across varying technical aptitudes and hierarchies - Strong experience coordinating and facilitating change management - Working knowledge of compliance and security frameworks - Demonstrated writing and documentation skills - Expert-level knowledge and skill in provisioning access to information assets Requirements - Ten or more (10+) years of experience with Epic Security Administration (preferred) - Experience working with Identity and Access Management (IAM) tools and processes (preferred) Responsibilities - Leads coordination efforts around Epic EMP and SER master files - Consults with IT and non-IT Epic support teams to facilitate and coordinate security integration across Epic modules and Care Delivery groups - Instrumental in designing, creating, and implementing security classes, roles, profiles, menus, and templates - Provides thought leadership in the integration of Epic security practices across the enterprise - Assesses Epic access issues, troubleshooting access incidents and correcting provisioning or Epic Module integration issues - Reviews and analyzes Epic releases and upgrades; ensuring that HealthPartners takes full advantage of new security functionality - Ensures controlled change management for template or other key security functionality changes - Aligns reporting needs for access to Business Partners’ needs and application ownership - Leads efforts in partnership with IT application or technical teams when system changes or enhancements may require security administration utilities - Provides expert administration of user access to systems maintained by the IT Security Administration group - Advises Business partners on security policies and security administration best practices - Produces and maintains Security Administration Procedures for Epic-related access, forms, and documentation - Leads Security Administration efforts to provide evidence for audits and compliance reviews - Consult with IT Security and mobility teams to influence best practices as they relate to remote access capabilities to Epic applications and modules - Maintains knowledge of Epic including Nova release notes, User Forum, Galaxy, and other documentation published through the Epic User Web Benefits - Comprehensive range of benefits to support every aspect of your life, including health, time off, retirement planning, and continuous learning opportunities - Commitment to nurturing diverse talents and supporting work-life balance - Goal to help you thrive physically, mentally, emotionally, and financially Company Description At HealthPartners we believe in the power of good – good deeds and good people working together. As part of our team, you’ll find an inclusive environment that encourages new ways of thinking, celebrates differences, and recognizes hard work. We’re a nonprofit, integrated health care organization, providing health insurance in six states and high-quality care at more than 90 locations, including hospitals and clinics in Minnesota and Wisconsin. We bring together research and education through HealthPartners Institute, training medical professionals across the region and conducting innovative research that improves lives around the world. At HealthPartners, everyone is welcome, included and valued. We’re working together to increase diversity and inclusion in our workplace, advance health equity in care and coverage, and partner with the community as advocates for change.

• Manage identified cybersecurity risks through established risk management tools and processes spanning applications, infrastructure, and business operations. • Collaborate with product, engineering, and business teams to advance security initiatives and integrate security requirements into proposed solutions. • Prepare and deliver the weekly report on security vulnerabilities and identified risks to the business and stakeholders, ensuring timely remediation efforts. • Monitor, analyze, and report on key security metrics , issues, and remediation activities utilizing Excel and other relevant reporting platforms. • Support the organization’s migration to "Secure Flow" (paved path) in partnership with Cybersecurity, IT Developers, and business stakeholders. • Promote awareness of security policies, standards, procedures, and playbooks among business partners to ensure comprehensive adherence from project initiation. • Investigate findings and exceptions, coordinating resolution efforts with Cybersecurity, IT Developers, and business stakeholders. • Assist with third-party/vendor security assessments and risk reviews as required . • Provide customer-focused assistance to internal partners by clearly communicating security requirements, associated risks, and recommended actions in an accessible and business-oriented manner. • 30% Analysis - Perform data gathering, synthesis, and develop solutions; Leverage department standards to achieve results • 30% Collaborate - Partner with teams to identify trends and resolve problems • 40% Drive Execution - Evaluate information and provide recommendations based on findings

Role Description As a SOC analyst in Greece (Remote/Athens) in evening shift, your daily activities will include but are not limited to: - Analyze security alerts and report on threats and incidents across various platforms and environments. - Monitor and analyze emerging threats, vulnerabilities and exploits. - Triage, assess, and analyze security incidents related to e.g. phishing and malware. - Participate in incident management calls and coordinate response, triage, recovery, and reporting of incidents. - Participate in security process improvements. - Assist with rule tuning, filter-outs and operational improvements on the existing service offering. Qualifications - You bring experience working in one or more of the following areas: Email Security, Network Security, Intrusion Detection Systems, Threat Intelligence, Threat Detection. - You understand networking and core internet protocols (TCP/IP, HTTP, SSL) and have experience in analyzing malicious network traffic. - You have hands-on experience with the large-scale analysis of log data using SIEM and/or SOAR products and tools, as well as a basic understanding of security automation (SOAR) principles. - You possess excellent communication skills and proven experience in working with multiple stakeholders such as engineering/operations teams, internal business units, external incident response teams and clients throughout the incident lifecycle. - You are fluent in English. - You are eligible for a NATO clearance. Requirements - Experience working in a Security Operations Center. - Experience analyzing large data sets for threat hunting. - Knowledge of security frameworks, e.g. the MITRE ATT&CK. - Experience with analyzing network traffic, endpoint indicators, IOCs. - Basic understanding of cloud infrastructure and cloud identities. Benefits - A training budget of 10.000€ and 10 days every 2 years. - Working and learning from the best people in the European cyber security industry. - An entrepreneurial and agile company, where you will be stimulated and supported in driving new initiatives. - Our commitment to coach and counsel you and help you grow; each employee receives a personal coach within the team. - Flexible working model and home office possibilities (+working abroad options). - Statutory leave plus 5 additional leave days by NVISO. Company Description We are a young team of cyber security professionals who decided to do things differently. With innovation rooted in our foundations, we offer services that are up against the modern adversary and that help you Prevent, Detect & Respond to cyber attacks.