Information Security Analyst (Remote Option)

Position eligible for – 

• Annual incentive bonus plan
• Medical, dental, and vision insurance with low deductible/low cost health plan
• Generous vacation and sick time accrual
• 12 paid holidays
• State Retirement (pension plan)
• 401(k) Plan with employer match
• Company paid life and disability insurance
• Wellness Programs
• Public Service Loan Forgiveness Qualifying Employer

See attachment for additional details. 

Office Location:  Remote position; Available for any of Partners locations

Projected Hiring Range:  Depending on Experience

Closing Date:   Open Until Filled

Primary Purpose of Position:  

The Information Security Analyst plays a critical role in safeguarding the confidentiality, integrity, and availability of sensitive data across the organization. This role supports the security needs of a Managed Care Organization (MCO) that is also operating as a Tailored Plan, ensuring compliance with HIPAA, HITRUST, and state Medicaid regulations. The analyst will monitor, assess, and respond to security threats while supporting risk management and audit readiness. 

Role and Responsibilities: 

• Monitor and analyze security alerts from various systems (SIEM, IDS/IPS, endpoint protection).
• Conduct vulnerability assessments and coordinate remediation efforts with IT and business units.
• Support incident response activities, including investigation, containment, and reporting.
• Maintain and update security policies, procedures, and standards in alignment with regulatory requirements.
• Assist in third-party risk assessments and vendor security reviews.
• Collaborate with compliance and legal teams to ensure adherence to Medicaid Tailored Plan requirements.
• Collaborate with IT staff to apply security best practices in system and application management.
• Participate in internal and external audits, including HITRUST certification and Medicaid readiness reviews.
• Provide security awareness training and phishing simulations to staff.
• Stay current with emerging threats, vulnerabilities, and regulatory changes impacting healthcare and Medicaid.
• Perform other duties as assigned.

Knowledge, Skills and Abilities:  

• Familiarity with SIEM tools, endpoint protection, and access management systems.
• Basic understanding of HIPAA, HITECH, and NIST cybersecurity frameworks.
• Ability to monitor, analyze, and respond to security alerts under supervision.
• Strong written and verbal communication skills.
• Ability to follow established procedures and escalate issues when needed.
• High attention to detail and commitment to protecting sensitive data.
• Interest in advancing cybersecurity knowledge and skills.

Education/Experience Required: 

• Bachelor’s degree in Cybersecurity, Information Technology, or related field, or equivalent experience.
• 3+ years of experience in a security operations role, preferably in healthcare or government.
• Familiarity with SIEM platforms (e.g., Splunk, Sentinel, Arctic Wolf).
• Understanding of HIPAA, HITECH, FISMA, and NIST cybersecurity frameworks.
• Experience with incident response and forensic investigations.
• Experience with project management
• Equivalent experience may be substituted for education on a case-by-case basis.

Education/Experience Preferred:  

• Security certifications such as CISA, CISSP, CISM, CRISC, Security+.
• Experience with cloud security in regulated environments (e.g., Azure Government, AWS GovCloud).
• Knowledge of healthcare IT systems (e.g., EHR, PACS).

Licensure/Certification Requirements:  N/A