Senior Security Analyst

Location

United States

Posted

22 hours ago

Salary

$110K - $120K / year

Seniority

Senior

Job Description

Senior Security Analyst

LUX Infusion

Role Description The Senior Security Analyst (Healthcare) is responsible for protecting the organization’s information systems, data, and technology assets with a primary focus on safeguarding Protected Health Information (PHI) and ensuring compliance with healthcare regulatory requirements. This role plays a critical part in designing, implementing, monitoring, and improving the organization’s cybersecurity posture in alignment with HIPAA, HITECH, and other applicable standards. This position serves as a senior technical and operational resource within the security function, leading security monitoring, incident response, risk assessments, vulnerability management, and compliance initiatives. The Senior Security Analyst works closely with IT, infrastructure, application teams, compliance, and external partners to identify risks, respond to threats, and maintain a strong security posture across a multi-site healthcare environment. Everything we do connects back to real people navigating complex healthcare journeys - and this role helps make that journey brighter. What You’ll Do - Security Operations and Monitoring - Monitor and analyze security events and alerts across networks, endpoints, cloud platforms, and applications. - Investigate suspicious activity and lead incident response efforts, including triage, containment, eradication, and recovery. - Serve as an escalation point for complex security incidents and coordinate cross-functional response efforts. - Maintain and tune SIEM, EDR, and other security tools to improve detection and reduce false positives. - Conduct root cause analysis and document incidents, actions taken, and lessons learned. - Healthcare Security and Compliance - Ensure compliance with HIPAA, HITECH, and other healthcare regulatory and privacy requirements. - Participate in security risk assessments, gap analyses, and audits (internal and external), including support for third-party assessments. - Develop and maintain security policies, standards, and procedures aligned with regulatory expectations. - Monitor controls related to PHI protection, data access, and breach prevention. - Support audit readiness and remediation activities for compliance findings. - Vulnerability and Risk Management - Conduct regular vulnerability scans and coordinate remediation efforts across infrastructure and application teams. - Prioritize risks based on business impact, exploitability, and regulatory exposure. - Track and report on vulnerability remediation status and risk reduction efforts. - Perform risk assessments on new systems, vendors, and technology implementations. - Contribute to third-party risk management and vendor security reviews. - Security Engineering and Architecture Support - Collaborate with infrastructure and application teams to implement secure configurations and controls. - Evaluate and recommend security solutions, tools, and technologies to enhance protection capabilities. - Support secure design reviews for new applications, systems, and integrations. - Validate implementation of security controls across networks, endpoints, and cloud environments. - Identity and Access Management (IAM) - Review and monitor user access to systems containing PHI and sensitive data. - Support access governance processes, including provisioning, deprovisioning, and periodic access reviews. - Investigate access anomalies and enforce least-privilege principles. - Training, Awareness, and Continuous Improvement - Support security awareness and training initiatives with a focus on healthcare threats (e.g., phishing, ransomware). - Provide guidance to IT and business teams on security best practices and risk mitigation. - Identify opportunities to improve security processes, tooling, and response capabilities. - Mentor junior analysts and contribute to the development of the security team. Qualifications - Bachelor’s degree in Cybersecurity, Information Technology, or a related field preferred; equivalent experience considered. - 5+ years of experience in cybersecurity, information security, or related roles. - 2+ years of experience in healthcare IT, security, or regulated environments required. - Demonstrated experience with incident response, threat detection, and vulnerability management. - Experience supporting audits and compliance frameworks in regulated industries. Requirements - Strong understanding of: - Security operations (SIEM, EDR, log analysis) - Network security (firewalls, IDS/IPS, segmentation) - Endpoint security and device hardening - Cloud security principles (Azure, AWS, or similar) - Vulnerability scanning and remediation tools - Familiarity with: - HIPAA Security Rule and Privacy Rule - NIST Cybersecurity Framework (CSF) and/or NIST 800-53 - HITRUST CSF (preferred in healthcare environments) - Knowledge of identity and access management practices. - Understanding of secure system and application design principles. Benefits - Purpose-driven work with real impact - A patient-first, clinician-led culture - Supportive, collaborative teammates - The opportunity to grow with a company building something meaningful Pay Range/Rate $110,000 — $120,000 USD

Related Job Pages

More Security Analyst Jobs

ICF logo

Cyber Security Analyst, Senior

ICF

Founded in 1969, ICF is a global advisory and technology services company headquartered in Reston, Virginia. It delivers data-driven solutions across energy, en

Title: Cyber Security Analyst, Senior (High Level Clearance Required) Location: Pensacola United States Job Description: time type Full time job requisition id R2602422 ICF seeks an experienced Senior Cyber Security Analyst to support the research and development of new cyber analytic capabilities that will help the US protect and defend its networks and critical information systems. The successful cleared candidate will act as a Senior Cyber Security Analyst to support a large federal cyber security analytic program. Your work will contribute to the knowledge of how cyber-attacks work, how vulnerabilities are exploited, and the way hostile cyber actors operate. Utilize your skills to help experiment and prototype future cyber capabilities for implementation at large-scale. As the Senior Cyber Security Analyst, you will work with our customers, developers, and researchers to evolve, automate, and enhance cybersecurity capabilities in defense or federal agencies. This is an opportunity to contribute to an important project from its beginning, work with the latest and emerging technologies, and all while building a great career at ICF! This role has a hybrid work schedule with the expectation of a minimum of two days/week supporting the program based in Pensacola, FL and the remainder of the week teleworking. What You Will Be Doing: - Augment operational cyber analysts and act as a consultant for detection and/or threat hunting - Advise on data preparation, implementation of techniques, visualizations, and employment of analytics developed by ICF and customer partners - Assess current use of cyber tools by analysts and assess whether efficiencies can be made via alternate use of current, or adoption of alternate tools - Problem-solve by identifying potential tools/processes to support needs, capturing areas of improvement that can be translated into functional requirements for future planning - Provide ad-hoc training to cyber analyst teams on tools that support or enhance current processes - Identify areas of technical training gaps and proposed approaches to methods (hands on, online modules, etc.) to improve the use of tools and data in support of the cybersecurity mission. - Participate in post-engagement review - Effectively communicate with leadership to ensure awareness of progress, challenges What You Must Have: - Bachelor’s degree with 12+ or Master’s degree with 10+ years of experience in IT, Cyber, or related field - Position requires a minimum of 5 years of Cyber Security experience (e.g., Threat Hunt, Incident Response, Investigations, Technical Reporting, etc.) - 5 years of experience using network security analysis/IDS tools - 5 or more years of experience analyzing packet capture and NetFlow data with an understanding of current cyber threats and trend derived from multiple sources (e.g., open-source, intelligence products, etc.) - 5 or more years of experience with different types of Malware including detection methods, attack vectors, and vulnerabilities used - Experience with query languages (e.g., SQL, KQL, etc.) - Experience developing advanced dashboards (e.g., Kibana, Splunk, etc.) - Experience with different cybersecurity frameworks and knowledge bases to identify tactics, techniques, and procedures of known actors - 5 or more years of Leadership experience - Active high-level security clearance required as part of client contract requirement - Due to the nature of the work and contract requirements, US citizenship is required Preferred Qualifications: - Interpersonal skills and the ability to communicate effectively with various clients in order to explain and elaborate on technical details - Practical experience with different scripting languages (e.g., Python, JavaScript, etc.) - Practical experience with the Databricks Intelligence Platform - Experience with system vulnerability assessments - Knowledge of Linux/Unix and Windows operating systems security - Knowledge of computer programming and scripting languages - Excellent written and verbal communication skills - Scaled Agile Framework (SAFe) experience - CompTIA Security+ or higher certification level preferred Working at ICF ICF is a global advisory and technology services provider, but we’re not your typical consultants. We combine unmatched expertise with cutting-edge technology to help clients solve their most complex challenges, navigate change, and shape the future. We can only solve the world's toughest challenges by building a workplace that allows everyone to thrive. We are an equal opportunity employer. Together, our employees are empowered to share their expertise and collaborate with others to achieve personal and professional goals. For more information, please read our EEO policy. We will consider for employment qualified applicants with arrest and conviction records. Reasonable Accommodations are available, including, but not limited to, for disabled veterans, individuals with disabilities, and individuals with sincerely held religious beliefs, in all phases of the application and employment process. To request an accommodation, please email  and we will be happy to assist. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodations.  Read more about workplace discrimination rights or our benefit offerings which are included in the Transparency in (Benefits) Coverage Act. Candidate AI Usage Policy At ICF, we are committed to ensuring a fair interview process for all candidates based on their own skills and knowledge. As part of this commitment, the use of artificial intelligence (AI) tools to generate or assist with responses during interviews (whether in-person or virtual) is not permitted. This policy is in place to maintain the integrity and authenticity of the interview process.  However, we understand that some candidates may require accommodation that involves the use of AI. If such an accommodation is needed, candidates are instructed to contact us in advance. We are dedicated to providing the necessary support to ensure that all candidates have an equal opportunity to succeed.   Pay Range - There are multiple factors that are considered in determining final pay for a position, including, but not limited to, relevant work experience, skills, certifications and competencies that align to the specified role, geographic location, education and certifications as well as contract provisions regarding labor categories that are specific to the position. The pay range for this position based on full-time employment is: $98,145.00 - $166,846.00

Florida
$98.1K - $166.8K / year
Full TimeRemoteTeam 10,001+Since 2006H1B Sponsor

• Será responsable de contribuir a la protección de los activos de información. • Garantizar el cumplimiento de estándares de seguridad y apoyar la operación segura de la infraestructura tecnológica de la organización. • Implementar y monitorear políticas, procedimientos y controles de Seguridad de la Información. • Garantizar el cumplimiento de estándares y marcos normativos como ISO 27001, NIST y PCI DSS. • Identificar, evaluar y gestionar riesgos de seguridad de la información. • Administrar y dar soporte a soluciones de seguridad perimetral, incluyendo FortiGate. • Realizar monitoreo y análisis de eventos e incidentes de seguridad. • Ejecutar actividades de fortalecimiento y mejora continua de los controles de ciberseguridad. • Gestionar revisiones de configuraciones de seguridad en infraestructura tecnológica. • Apoyar auditorías internas y externas relacionadas con seguridad de la información. • Generar informes, indicadores y recomendaciones para la mitigación de riesgos. • Brindar acompañamiento técnico a las diferentes áreas en temas de seguridad y cumplimiento.

Colombia
OpenAI logo

Quantitative Intelligence Analyst

OpenAI

A privately-held artificial intelligence (AI) research company, OpenAI discovers, builds, and enacts paths to secure artificial general intelligence (AGI). Foun

Title: Quantitative Intelligence Analyst Job Description: Location San Francisco Employment Type Full time Location Type Hybrid Department Intelligence & Investigations Compensation - $198K – $320K • Offers Equity The base pay offered may vary depending on multiple individualized factors, including market location, job-related knowledge, skills, and experience. If the role is non-exempt, overtime pay will be provided consistent with applicable laws. In addition to the salary range listed above, total compensation also includes generous equity, performance-related bonus(es) for eligible employees, and the following benefits. - Medical, dental, and vision insurance for you and your family, with employer contributions to Health Savings Accounts - Pre-tax accounts for Health FSA, Dependent Care FSA, and commuter expenses (parking and transit) - 401(k) retirement plan with employer match - Paid parental leave (up to 24 weeks for birth parents and 20 weeks for non-birthing parents), plus paid medical and caregiver leave (up to 8 weeks) - Paid time off: flexible PTO for exempt employees and up to 15 days annually for non-exempt employees - 13+ paid company holidays, and multiple paid coordinated company office closures throughout the year for focus and recharge, plus paid sick or safe time (1 hour per 30 hours worked, or more, as required by applicable state or local law) - Mental health and wellness support - Employer-paid basic life and disability coverage - Annual learning and development stipend to fuel your professional growth - Daily meals in our offices, and meal delivery credits as eligible - Relocation support for eligible employees - Additional taxable fringe benefits, such as charitable donation matching and wellness stipends, may also be provided. More details about our benefits are available to candidates during the hiring process. This role is at-will and OpenAI reserves the right to modify base pay and other compensation components at any time based on individual performance, team or company results, or market conditions. OverviewApplication About the Team The Intelligence and Investigations team seeks to rapidly identify and mitigate abuse and strategic risks to ensure a safe online ecosystem. We are dedicated to identifying emerging abuse trends, analyzing risks, and working with our internal and external partners to implement effective mitigation strategies to protect against misuse. Our efforts contribute to OpenAI's overarching goal of developing AI that benefits humanity. The Strategic Intelligence & Analysis (SIA) team provides safety intelligence for OpenAI’s products by monitoring, analyzing, and forecasting real-world abuse, geopolitical risks, and strategic threats. Our work informs safety mitigations, product decisions, and partnerships, ensuring OpenAI’s tools are deployed securely and responsibly across critical sectors. About the Role As a Quantitative Intelligence Analyst, you will focus on discovering novel and emerging risks in complex human–AI systems before they are well-defined, measurable, or widely understood. You will use deep subject matter expertise and quantitative tooling to surface weak, early, and unconventional risk signals. You will build analytic models that explain how harms could emerge and translate ambiguous patterns into structured, data-driven insight. Your work will help identify potential gaps in policy or coverage and operationalize previously unmeasured problems into signals that can support detection, mitigation, and planning downstream. You will develop analytical frameworks that map how new risks form, evolve, and propagate as products change, policies shift, and external events unfold. Your analyses will directly inform strategic risk prioritization and planning across the company, with regular visibility through strategic risk products. This role is based in office (hybrid, 3 days/week). Relocation support is available In this role, you will: - Discover and define new quantitative risk signals where no established metrics exist, using subject matter expertise to surface early, weak, or unconventional indicators - Translate complex trust and safety challenges into measurable signals that can be tracked and stress-tested over time - Develop upstream early-warning and signal frameworks that inform downstream detection and mitigation efforts - Analyze risk trends to assess the underlying drivers and causal factors behind those changes - Conduct data mining and statistical modeling to understand how risks originate, evolve, and propagate across systems - Design adversarial scenarios, and quantitative stress tests to assess exposure, coverage gaps, and vulnerabilities - Produce clear data-driven briefs to support risk prioritization, contingency planning, and strategic risk products across teams You might thrive in this role if you: - Have 3+ years of experience in quantitative intelligence analysis, trust & safety, security analysis, or risk-focused research - Are comfortable working on complex trust and safety domains such as child safety, violent activities, self-harm, or similar high-stakes risk areas - Familiarity with data mining, statistical modeling, and supervised learning methods - Understand how to monitor signals or models for data drift, behavioral adaptation, or performance degradation over time, and can diagnose likely causes - Experience in operationalizing adversarial or strategic risk behaviors, including through red-team exercises, agent-based modeling, or structured scenario analyses - Comfortable working with Python and SQL - Nice to have: Experience with quantitative stress testing or Monte Carlo simulations to assess uncertainty and tail risk About OpenAI OpenAI is an AI research and deployment company dedicated to ensuring that general-purpose artificial intelligence benefits all of humanity. We push the boundaries of the capabilities of AI systems and seek to safely deploy them to the world through our products. AI is an extremely powerful tool that must be created with safety and human needs at its core, and to achieve our mission, we must encompass and value the many different perspectives, voices, and experiences that form the full spectrum of humanity. We are an equal opportunity employer, and we do not discriminate on the basis of race, religion, color, national origin, sex, sexual orientation, age, veteran status, disability, genetic information, or other applicable legally protected characteristic. For additional information, please see OpenAI’s Affirmative Action and Equal Employment Opportunity Policy Statement. Background checks for applicants will be administered in accordance with applicable law, and qualified applicants with arrest or conviction records will be considered for employment consistent with those laws, including the San Francisco Fair Chance Ordinance, the Los Angeles County Fair Chance Ordinance for Employers, and the California Fair Chance Act, for US-based candidates. For unincorporated Los Angeles County workers: we reasonably believe that criminal history may have a direct, adverse and negative relationship with the following job duties, potentially resulting in the withdrawal of a conditional offer of employment: protect computer hardware entrusted to you from theft, loss or damage; return all computer hardware in your possession (including the data contained therein) upon termination of employment or end of assignment; and maintain the confidentiality of proprietary, confidential, and non-public information. In addition, job duties require access to secure and protected information technology systems and related data security obligations. To notify OpenAI that you believe this job posting is non-compliant, please submit a report through this form. No response will be provided to inquiries unrelated to job posting compliance. We are committed to providing reasonable accommodations to applicants with disabilities, and requests can be made via this link. OpenAI Global Applicant Privacy Policy At OpenAI, we believe artificial intelligence has the potential to help people solve immense global challenges, and we want the upside of AI to be widely shared. Join us in shaping the future of technology.

California
$198K - $320K / year
Full TimeRemoteTeam 10,001+Since 1987H1B Sponsor

• Approvals: Act as a gatekeeper for sensitive access and firewall rule approvals, ensuring compliance with security policies and business needs. • Reviews: Conduct regular reviews of access permissions, firewall configurations, and IT infrastructure settings (e.g., AD, Intune, Office 365, Azure) to ensure adherence to security best practices and expectations. • Architectural Review and Change Management: Review and approve all proposed changes to the IT infrastructure, ensuring changes do not compromise security integrity. • Testing: Conduct vulnerability scans at both regional and laboratory levels, overseeing remediation efforts. Collaborate with Group Security to facilitate penetration testing as required. • Incident Response: Assist in the investigation of security breaches and provide support for security intelligence reported by the Group Security Operations Center (SOC). • Advisory Role: Work closely with newly acquired laboratories to enhance their security posture, leveraging internal security standards and the expertise of a Senior Security Analyst. Evaluate the security of both in-house and externally developed applications, providing recommendations for security enhancements. • Reporting: Contribute to the development of operational security Key Performance Indicators (KPIs) and offer recommendations for improvement based on data analysis and industry best practices. • Vulnerability Management: Oversee the vulnerability management process for our entire infrastructure, ensuring timely identification, prioritization, and mitigation of vulnerabilities.

Romania
RON8.5K - RON10.5K / month