
Security Analyst
Posted 1 day ago

This is a fully remote position, open to applicants in the United States.
• Evaluate, implement, integrate, and oversee security tools, including linking sources such as AWS, HubSpot, Canvas, and MacBook endpoints (Mosyle, Bitdefender) into our Huntress SIEM.
• Assess security baselines for configurations to identify deficiencies, then collaborate with IT to address these deficiencies (e.g., CIS Benchmark, Vendor Best Practices).
• Support monitoring of security controls in relation to SOC 2 (and future HITRUST) compliance evaluations.
• Observe security dashboards, alerts, cyber incidents, and participate in tabletop exercises to enhance detection and response strategies.
• Analyze user and system behavior to fortify our security awareness training (KnowBe4) by transforming real-world signals into targeted, relevant education for our team.
• Collaborate closely with the product team (engineering, product management, and quality assurance) to ensure security monitoring is integrated throughout the SDLC.
• Develop proofs of concept and capabilities using AI to showcase possibilities and expedite the security program.
• Compile and revise runbooks to respond to potential security scenarios.
• Monitor assets, users, and files to ensure adherence to our security design and zero trust architecture.
• Write and maintain simple scripts and utilities to automate routine security checks across the Govern, Identify, Protect, Detect, Respond, and Recover functions.
• Assist in tracking and reporting key metrics such as average time to detect/respond/contain, false positive rate, failed login rate, patch compliance rate, and vulnerability exposure time.
• Provide support in other areas related to Governance, Risk, and Compliance as required.
• BS/BA degree or higher in Computer Science, Engineering, Computer Security, or a related technical discipline.
• 2–4 years of experience in security, IT, or a comparable technical position. Internships, security certifications (e.g., Security+), home-lab projects, and academic experience are all considered.
• Familiarity with SOC 2, HITRUST, or HIPAA (or equivalent compliance standards).
• Understanding of SIEM and logging concepts; hands-on experience with Huntress or a similar platform is advantageous.
• Demonstrated ability to work collaboratively within a team to accomplish shared goals.
• Exposure to security or IT tools such as AWS, M365 Entra / Purview, Huntress, Mosyle, Bitdefender, KnowBe4, or Snyk — familiarity with several, but not necessarily all, is acceptable.
• Awareness of CI/CD pipeline concepts (e.g., Bitbucket Pipelines, GitHub Actions) is a plus, though not mandatory.
• Comfort with, or willingness to learn, basic scripting (Python, Bash, or Go) to verify data and configuration settings.
• Experience in the healthcare industry is highly preferred.
• Background in security testing within regulated environments, ideally HIPAA / healthcare, with a strong instinct for safeguarding PHI is a plus.
• Experience using AI tools (e.g., Copilot, Gemini, Claude) to enhance security analysis and develop scripts for security system integration/validation.
• Excellent written and verbal communication skills, including the ability to document security ticket resolutions and root cause analysis reports, and to remain calm and communicate clearly during security incidents.
• Health insurance.
• Opportunities for professional growth and development.
• Collaborative and dynamic work environment.
• Flexible work arrangements and remote work options.
• Access to cutting-edge technologies and tools.