Information Security Analyst​/Administrator

Job Description

Pay Range: $30.71hr - $35.71hr

• The Information Security Analyst/Administrator supports the organization’s vulnerability management and information security programs.
• This role focuses on identifying, analyzing, and mitigating security risks while ensuring security is embedded by design across IT systems and processes.
• The position works closely with application, infrastructure, and operations teams to strengthen the overall security posture and support compliance initiatives.

• Monitor and analyze vulnerability assessment data to identify and communicate technical risks.
• Support identification and impact classification of newly discovered vulnerabilities.
• Execute and support vulnerability assessments, penetration testing, and social engineering activities.
• Provide insights on the evolving cyber threat landscape, including threat actor tactics, techniques, and procedures.
• Review and interpret application security scan results with understanding of underlying code structures.
• Provide post-development testing support to validate vulnerability remediation.
• Facilitate vulnerability management processes by tracking and coordinating remediation across teams.
• Ensure timely closure of security gaps with application, infrastructure, and operations teams.
• Support the vision and strategic objectives of the vulnerability management program.
• Aggregate, analyze, and report vulnerability data from multiple tools and platforms.
• Manage and utilize information security tools such as DLP, code scanners, and external security profiles.
• Participate in the IT SDLC to ensure security is included by default and by design.
• Build strong working relationships across departments to ensure security compliance.
• Assist with regulatory and compliance requirements, including audits, assessments, certifications, and client inquiries.
• Brief information security leadership on vulnerability assessment results and risks.
• Support leadership in identifying capability gaps in vulnerability management services.
• Collaborate with cross-functional teams to improve security posture and workflows.
• Continuously develop knowledge and skills to support information security objectives.

• Bachelor’s degree in Computer Science, Information Technology, or equivalent.
• Minimum of 3 years of experience in Information Technology, Information Security, or Compliance.
• Experience with major security and compliance standards including SOC, ISO, PCI DSS, HITRUST, SANS, and NIST.
• Demonstrated experience implementing compliance frameworks in regulated environments.
• Familiarity with a broad range of IT hardware and software products.
• Strong project management skills.
• Excellent verbal, written, and presentation skills.
• Strong analytical and problem-solving abilities.
• Experience managing enterprise security and intrusion detection systems.
• Ability to work collaboratively across business and technology teams.
• Ability to interpret application structures and code approaches at a high level.

• Security certifications such as CISSP, CISM, GIAC, PCI DSS, or equivalent.
• Experience or knowledge within healthcare or health insurance environments.
• Knowledge of CMS and HIPAA vendor requirements.
• Working knowledge of Security SDLC tools.

• 3+ years of experience in Information Security, IT, or Compliance roles.

• Bachelor’s degree in Computer Science, Information Technology, or equivalent.