Role Description Metro Vein Centers is hiring a Security Analyst to own and mature our information security program across a 70+ clinic, cloud-first healthcare environment. This is a newly created role that reflects our commitment to proactive security, HIPAA compliance, and a zero trust approach to identity and access management. You will be responsible for day-to-day security operations, including: - Alert monitoring - Access reviews - Endpoint security - Email security - MDM policy enforcement - MFA administration - Phishing simulation programs What You'll Do - Monitor security alerts and events across the environment; investigate, triage, and respond to incidents in a timely manner - Administer and maintain Google Workspace security controls, including DLP policies, Gmail security settings, Drive sharing policies, and audit log review - Manage endpoint detection and response operations - Oversee device compliance policies, conditional access rules, and endpoint security baselines - Administer and enforce MFA policies and password complexity standards across all user populations - Conduct quarterly role-based access audits across critical systems including Athena, Luma, Google Workspace, and BigQuery - Own and maintain least-privilege access model across enterprise applications and identity platforms - Manage email security controls including phishing protection, spam filtering, and DMARC/DKIM configuration - Design and execute phishing simulation campaigns; deliver user security awareness training - Support HIPAA security compliance, including contributing to risk assessments, policy updates, and audit readiness - Assist with identity and access management (IAM) administration, including SSO, Google Identity - Collaborate with the network team on ZTNA policy enforcement and Zscaler security configurations - Contribute to incident response plans, disaster recovery documentation, and security runbooks - Track and report on key security KPIs including MFA adoption, device compliance rates, open vulnerabilities, and audit findings - Other related security duties as assigned - Occasional travel for critical issues or growth - Being on call rotation Qualifications - 3–5 years of experience in an information security, security analyst, or IT security operations role - Hands-on experience administering Google Workspace security features (admin console, audit logs, DLP, OAuth app controls) - Experience with endpoint security platforms; CrowdStrike Falcon preferred, Microsoft Defender for Endpoint also considered - Familiarity with Microsoft security products including Intune, Microsoft Defender, and Entra ID - Solid understanding of identity and access management concepts: SSO, MFA, RBAC, least privilege - Experience conducting access reviews, user provisioning audits, and policy enforcement - Working knowledge of email security protocols (SPF, DKIM, DMARC) and email threat landscape - Strong analytical skills with the ability to investigate alerts and identify indicators of compromise - Excellent written and verbal communication skills; ability to explain security concepts to non-technical users - Familiarity with HIPAA Security Rule requirements and healthcare data protection obligations Preferred Skills - CrowdStrike certification (CCFA, CCFH, or equivalent) preferred - Microsoft security certifications (SC-200, MS-500, or equivalent) a strong plus - Experience with Zscaler ZIA security policy management or cloud-native security platforms - Familiarity with SIEM platforms and log management tools - Experience running security awareness programs and phishing simulations (KnowBe4, Proofpoint, or similar) - Prior experience in healthcare IT security or compliance roles - Knowledge of NIST CSF or CIS Controls frameworks Benefits - Medical, Dental, and Vision Insurance - 401(k) with Company Match - Generous Paid Time Off (PTO) + Paid Company Holidays - Company-Paid Life Insurance - Short-Term & Long-Term Disability Insurance - Employee Assistance Program (EAP) - Career Growth & Development Opportunities - A collaborative, mission-driven culture focused on delivering exceptional patient care Compensation $75,000 — $85,000 USD

• Assist with the development and execution of test plans and procedures for telecommunications priority services • Support testing in wireline, wireless, IP, LTE, and emerging 5G environments under senior engineer guidance • Document test results, observations, and issues for review by senior technical staff • Help prepare technical reports and engineering documentation • Participate in meetings and technical discussions with internal and external stakeholders • Assist with Operations, Administration, Maintenance, and Provisioning (OAM&P) documentation and coordination activities • Support review and analysis of proposed carrier implementations and operational processes • Help prepare program documentation, presentations, and technical summaries • Assist with cybersecurity documentation and compliance requirements for telecommunications systems • Support the development and maintenance of security controls and cybersecurity artifacts • Participate in security assessments, vulnerability reviews, and risk documentation activities under supervision • Help maintain Interconnection Security Agreements (ISAs) and ATO-related materials

• Monitor security tools and platforms for suspicious activity and potential threats. • Investigate and triage alerts, respond to incidents, and document findings, root cause, and remediation actions. • Serve as the primary operational interface between customers, MDR providers, and internal teams for security events and escalations. • Coordinate incident response activities across MDR partners and internal teams. • Communicate security incidents, risks, and remediation status to customers. • Participate in incident reviews, RCA discussions, and customer meetings. • Ensure MDR services align with customer SLAs and contractual requirements. • Escalate critical risks and ensure timely resolution across stakeholders. • Perform vulnerability assessments and coordinate remediation activities across environments. • Identify and prioritize risks and recommend mitigation strategies to internal leadership and customers. • Maintain and tune security tools including SIEM, EDR, firewalls, and intrusion detection/prevention systems. • Analyze logs and telemetry to identify threats and improve detection capabilities. • Develop and maintain security operations processes, SOPs, and incident response runbooks to support consistent and scalable service delivery. • Create repeatable workflows for incident detection, escalation, and remediation. • Continuously refine playbooks based on lessons learned and threat intelligence. • Support onboarding of new customers by defining operational procedures. • Partner with Help Desk and Infrastructure teams to build security awareness and operational readiness. • Deliver training on security tools, processes, and escalation procedures. • Enable teams to identify, triage, and escalate security events appropriately. • Provide ongoing guidance to improve cross-team collaboration and response effectiveness. • Support development and enforcement of security policies, standards, and procedures. • Participate in audits and maintain documentation aligned to frameworks such as ISO 27001, NIST, SOC 2, and CMMC. • Stay current with emerging threats, vulnerabilities, and industry trends. • Recommend and implement improvements to strengthen security posture across internal and customer environments.

Role Description You will be more specifically in charge of: - Providing (tier 2 and 3) support to our customers, be part of our threat research team, collaborate with threat researchers and data scientists to challenge our detection engine on a daily basis. - Analyzing huge web traffic data sets (across more than 100 billion documents) to identify and block malicious traffic. - Contributing to support by analyzing past attacks to strengthen our detection. - Collaborating with threat researchers to challenge and optimize DataDome real-time detection engine capabilities. - Creating automates/scripts to detect outliers in our global traffic. - Identifying potential attacks and adding new alerts to our detection platform. Qualifications - Bachelors Degree Required in a relevant field. - At least 2 years in similar experience. - Familiar with at least one scripting language (preferably Python) to automate analysis and detection tasks. - Have a real passion for data, security and automated attacks mitigation. - Have expertise on network or web infrastructure (HTML, HTTP, CDN, DNS, IPv4/IPv6, cookies). - Master at least one Database language: MySQL/NoSQL/ElasticSearch. Requirements - Bonus points if you implement bots during your spare time. - Experience using Kibana is a plus. Benefits - Flex Life: While we offer remote, each position specifies the level of flexibility. You will also receive a 500€ stipend to help you set up your ideal workspace if you work hybrid or remotely. - Generous Health Benefits: We have partnered with Kenko for your healthcare needs. - Professional Development: #Weaimhigh is part of our DNA, therefore we have invested in an internal Learning and Development platform and offer the opportunity to request additional training and support via your manager. - Events & Team building: #We care and we have fun! We organize Annual Company-Offsite, Events, Drinks, Winter Party, Lunch & Learns and much more as part of our Culture. - Parent Care: Gift & care packages for parents. - PTO: Based on the country you are based from (e.g. 20 days in Costa Rica/5 days sick leave). Company Description DataDome delivers real-time bot and agent trust management, giving businesses complete visibility and control over all traffic—human, bot, or AI. Named a Leader in The Forrester Wave™ for Bot Management, DataDome is trusted by enterprises like Etsy, PayPal, and Soundcloud. Acting as a traffic control plane, DataDome's multi-layered AI engine leverages thousands of models and 5 trillion signals daily to analyze intent and stop fraud in under 2 milliseconds—letting legitimate users through seamlessly across websites, apps, APIs, and MCPs. Backed by a 24/7 SOC and expert threat researchers, DataDome stops 20k+ attacks every second. With 30+ global PoPs, and 50+ ready-made integrations, DataDome is a recognized Leader on G2 across several categories—delivering protection that outperforms.