Security Analyst
Spectrum Health & Human Services
Agency Profile: Spectrum Health & Human Services respectfully partners with adults, children, and families as they recover from behavioral, emotional, mental health, and/or substance-related disorders by offering individualized and meaningful opportunities of hope, empowerment, and support to achieve self-defined improvements in their quality of life.
LOCATION: 227 Thorn Ave, Orchard Park, NY. THIS IS NOT A REMOTE POSITION; YOU MUST COMMUTE TO ORCHARD PARK, NY.
SUMMARY OF POSITION FUNCTION:
Spectrum Health & Human Services is seeking a detail-oriented Security Analyst to help protect our healthcare organization's systems, data, and patient information. This role is responsible for monitoring security events, investigating potential threats, supporting compliance initiatives, and helping maintain a strong cybersecurity posture across clinical, administrative, and technology environments. The ideal candidate understands cybersecurity fundamentals, healthcare data privacy requirements, and the importance of protecting sensitive patient information in accordance with HIPAA and other applicable regulations.
MAJOR DUTIES AND RESPONSIBILITIES:
- Monitor security alerts, logs, and events from systems such as SIEM, EDR, firewalls, email security, and vulnerability management tools.
- Investigate and respond to potential security incidents, escalating issues as appropriate.
- Support incident response activities, including documentation, evidence collection, root cause analysis, and remediation tracking.
- Assist with vulnerability scanning, risk assessment, patch validation, and security control testing.
- Help maintain compliance with HIPAA, HITECH, HITRUST, NIST, and internal security policies.
- Review access controls and support identity and access management processes.
- Partner with IT, compliance, legal, and clinical teams to identify and reduce security risks.
- Assist in developing and maintaining security policies, procedures, standards, and awareness materials.
- Support phishing investigations, security awareness campaigns, and user education efforts.
- Prepare reports and metrics related to threats, vulnerabilities, incidents, and compliance activities.
- Stay current on emerging cybersecurity threats, especially those affecting healthcare organizations.
- Security monitoring and incident response tools: SIEM platforms such as Splunk, Microsoft Sentinel, or QRadar; EDR/XDR tools such as CrowdStrike, Microsoft Defender for Endpoint, SentinelOne, or Carbon Black; IDS/IPS; SOAR workflows; and case management or ticketing systems such as ServiceNow or Jira.
- Network and infrastructure security: firewalls, VPNs, secure web gateways, DNS filtering, email security gateways, vulnerability scanners, endpoint hardening, Active Directory, Windows and Linux systems, and basic TCP/IP, routing, and network troubleshooting.
- Cloud and SaaS security: Azure, AWS, or Google Cloud security controls; Microsoft 365 security and compliance tools; identity providers; MFA; conditional access; cloud logging; and secure configuration reviews.
- Healthcare security environment: HIPAA-regulated data, electronic health record platforms, clinical applications, medical device networks, third-party vendor access, and protection of protected health information across clinical and administrative workflows.
- Hands-on security operations: alert triage, log analysis, phishing investigation, malware containment, account compromise investigation, vulnerability validation, threat hunting, evidence collection, and remediation follow-up.
Core Competencies
- Hands-on threat detection and alert triage using SIEM, EDR/XDR, firewall, identity, endpoint, email, and cloud logs.
- Practical incident response experience, including containment, eradication, recovery coordination, root cause analysis, and post-incident documentation.
- Ability to investigate phishing, malware, suspicious authentication activity, data loss indicators, endpoint anomalies, and network-based threats.
- Working knowledge of vulnerability management, including scan review, risk prioritization, remediation tracking, patch validation, and exception documentation.
- Strong understanding of identity and access controls, including Active Directory, role-based access, privileged access, MFA, conditional access, and access reviews.
- Experience translating technical findings into clear risk statements, executive summaries, tickets, and remediation plans for IT, compliance, and clinical stakeholders.
- Ability to work independently during investigations while collaborating with infrastructure, application, compliance, privacy, and vendor teams.
- Sound judgment when handling protected health information, sensitive security data, and time-sensitive incidents in a regulated healthcare environment.
EDUCATION REQUIREMENTS:
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience.
EXPERIENCE:
- 3-5+ years of experience in cybersecurity, information security, IT risk, or security operations.
- Familiarity with security tools such as SIEM, EDR/XDR, vulnerability scanners, firewalls, IDS/IPS, ethical hacking techniques, and ticketing systems.
- 3-5+ years of experience and understanding of cybersecurity concepts, including threat detection, incident response, vulnerability management, network security, and access control.
- Knowledge of HIPAA, healthcare privacy/security requirements, or other regulated environments.
- Strong analytical, troubleshooting, and documentation skills.
- Ability to communicate security risks clearly to technical and non-technical stakeholders.
Preferred Qualifications
- Experience working in a healthcare, clinical, and remote office environment.
- Familiarity with frameworks such as NIST CSF, NIST 800-53, ISO 27001, CIS Controls, or HITRUST.
- Certifications such as Security+, CySA+, SSCP, GSEC, CEH, and similar.
- Experience with cloud security concepts across AWS, Azure, or Google Cloud.
- Experience supporting audits, risk assessments, or third-party vendor security reviews.
- Familiarity with electronic health record systems, medical device security, or healthcare IT environments.
OTHER:
- Must possess a valid Driver’s License with a satisfactory driving record.
COMPENSATION: $68,000-$85,000 annually

