×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security Security Manager IT Consultant

Lead Security Analyst

Job in Minneapolis, Hennepin County, Minnesota, 55400, USA
Listing for: HealthEZ
Full Time position
Listed on 2025-12-14
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, Security Manager, IT Consultant
Job Description & How to Apply Below

Join to apply for the Lead Security Analyst role at HealthEZ
.

The Lead Security Analyst is responsible for safeguarding the organization’s digital assets and ensuring the confidentiality, integrity, and availability of information systems. This role serves as the central point of leadership within the cybersecurity program—overseeing daily security operations, coordinating incident response efforts, managing risk assessments, and developing security policies, standards, and best practices. The Lead Security Analyst partners closely with IT, compliance, and leadership teams to identify vulnerabilities, implement mitigation strategies, and ensure regulatory compliance.

This position is essential for strengthening organizational resilience, reducing security risk, and ensuring ongoing compliance with industry standards such as SOC, NIST, HIPAA, and other regulatory requirements.

What You’ll Do
  • Risk & Vulnerability Management
    • Conduct ongoing risk assessments, vulnerability scanning, and security posture evaluations across cloud, on-premises, and hybrid environments.
    • Prioritize findings based on criticality and develop mitigation plans in collaboration with technical teams.
    • Oversee third-party and vendor risk assessments and track remediation.
  • Security Operations & Monitoring
    • Monitor security tools, SIEM alerts, endpoint protection, and network activity for suspicious behavior.
    • Lead the triage, investigation, and remediation of security incidents.
    • Maintain threat intelligence awareness and apply security updates, patches, and optimizations accordingly.
  • Incident Response
    • Develop, maintain, and execute the organization’s incident response plan.
    • Serve as the primary escalation point for security events and coordinate internal and external response teams.
    • Conduct post-incident root cause analysis and produce detailed reporting.
  • Policy, Governance & Compliance
    • Create, update, and enforce security policies, procedures, and standards.
    • Support audits (SOC 1/2, HIPAA, PCI, etc.) and maintain documentation of controls and evidence.
    • Ensure adherence to regulatory and contractual security requirements.
  • Security Architecture & Strategy
    • Provide guidance on secure design principles for new applications, integrations, and infrastructure changes.
    • Partner with IT and engineering teams to implement zero‑trust principles, identity controls, and data protection strategies.
    • Evaluate emerging security technologies and recommend improvements.
Qualifications
  • Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field; equivalent experience will be considered.
  • 5+ years of professional experience in cybersecurity, security operations, incident response, or information security analysis.
  • Hands‑on experience with endpoint detection and response (EDR) platforms, including Crowd Strike Falcon (required).
  • Strong operational experience with Microsoft 365 security and compliance tools, including:
    • Microsoft Defender for Endpoint
    • Microsoft Defender for Identity
    • Microsoft Defender for Cloud / Cloud Apps
    • Microsoft Purview (DLP, Compliance, Data Governance)
    • Microsoft Entra  (formerly Azure AD) for identity and access management
    • Exchange Online protection/security
  • Proficiency with Microsoft Sentinel (SIEM/SOAR) for log ingestion, alerting, playbooks, and incident analysis.
  • Experience managing security controls, policies, and monitoring in Microsoft Azure and hybrid cloud environments.
  • Demonstrated ability to lead end-to-end security incident investigations—including detection, triage, containment, remediation, and post‑incident reporting.
  • Strong understanding of security frameworks and control standards such as NIST CSF, ISO 27001, CIS Controls, SOC 2, SOC 1, and HIPAA.
  • Experience performing risk assessments, vulnerability management, access governance reviews, and related compliance activities.
  • Excellent communication skills with the ability to create clear documentation, explain technical concepts to non‑technical stakeholders, and present findings to leadership.
Desired Skills
  • Relevant certifications such as CISSP, CISM, CEH, Security+, or Azure security certifications.
  • Strong analytical and problem‑solving skills with the ability to…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search