Cybersecurity Analyst

Sentara Hospitals•Norfolk, VA

21h•$80,205 - $133,682•Remote

About The Position

Sentara is hiring for a Cybersecurity Analyst! This position is fully remote! Overview Responsible for day-to-day support and optimization of software applications, including builds, upgrades, and system enhancements. Analyzes business / clinical needs, evaluate software releases and/or new products, and gives recommendations to optimize processes and decrease expenses. Possesses in-depth business / clinical and application knowledge and experience. Performs and documents workflow assessments to determine functional requirements for optimal utilization of applications. Develops system test plans and performs testing of software upgrades and patches. Maintains a record of test progress and test results. Responsible for problem, incident, and change management and service requests. Provides daily on-call support to the customer base for application-related issues. Works within a cross-functional team and with end-users to achieve application integration to meet business / clinical needs. Responsible for the communication of software issues, requirements, upgrades, and enhancements. Oversees smaller-sized projects or components of projects. Coordinates implementation or project planning around software application releases. Possesses a key certification(s) or other credential(s) which is determined central to the systems or applications supported. An Experienced Professional applies practical knowledge of job areas typically obtained through advanced education and work experience. Responsibilities typically include: Works independently with general supervision. Problems faced are difficult but typically not complex. May influence others within the job area through explanation of facts, policies, and practices. Position Summary: Our Cybersecurity Analyst role specializes in Security Orchestration Automation & Response (SOAR), Incident Response, Endpoint Detection & Response (EDR), and Security Information and Event Management (SIEM). In this critical role, you will help protect sensitive patient and organizational data by proactively detecting, analyzing, and responding to cybersecurity threats, leading the development and implementation of a customized SOAR solution to automate and streamline security operations, while ensuring compliance with HIPAA and healthcare regulations. This position requires participation in a 24/7 on-call rotation to respond promptly to security incidents.

Requirements

Bachelor’s degree in Cybersecurity, Computer Science, IT, or a related field; or equivalent experience.
3+ years of experience in a SOC, incident response, health IT cybersecurity, or SOAR engineering role.
Excellent proficiency in Python
Proven experience with SOAR implementation, EDR tools, and SIEM solutions, with preference for healthcare environments.
Familiarity with HIPAA and healthcare risk management practices.
Strong communication, teamwork, and documentation skills; able to communicate effectively with technical and clinical stakeholders.
Availability to participate in a 24/7 on-call rotation and respond to security incidents outside of standard business hours.
3 years of relevant experience with a degree (Required) or 5+ years of relevant experience without a degree (Required)

Nice To Haves

Relevant certifications (CISSP, CEH) are preferred.

Responsibilities

Design, develop, and maintain a customized SOAR solution that automates incident detection, analysis, triage, containment, and reporting.
Collaborate with stakeholders to identify repetitive security tasks suitable for SOAR automation, improving efficiency and consistency in security operations.
Integrate SOAR workflows with existing EDR, SIEM, and other critical platforms to enhance visibility and rapid response capabilities.
Continuously tune SOAR playbooks to adapt to emerging threats, regulatory changes, or improvements in threat intelligence.
Monitor all platforms for security incidents, leveraging SOAR for rapid, orchestrated response.
Lead and support incident response efforts—from identification and analysis to containment, eradication, and recovery—with a focus on safeguarding Protected Health Information (PHI) and ensuring minimal impact to patient care.
Analyze logs, forensic data, and network traffic across a complex healthcare IT environment.
Develop and tune SIEM correlation rules, alerts, and integrated SOAR workflows to detect and respond to threats.
Serve as part of a 24/7 on-call rotation, responding rapidly to incidents and escalations as they arise, including after-hours and weekends.
Ensure incident handling and SOAR-driven automation align with HIPAA and all relevant regulations; participate in incident debriefs and continuous improvement initiatives.
Collaborate with clinical, IT, compliance, and third-party vendors to assess risk and remediate vulnerabilities across critical systems and devices.
Document incident response and SOAR automation actions in detail, maintaining records for legal, compliance, and audit purposes.
Participate in healthcare-specific threat hunting, vulnerability assessments, and security exercises to strengthen organizational resilience.
Maintain current knowledge of emerging cyber threats, SOAR technologies, vulnerabilities, and regulatory changes that could impact healthcare operations.

Benefits

Medical, Dental, Vision plans
Adoption, Fertility and Surrogacy Reimbursement up to $10,000
Paid Time Off and Sick Leave
Paid Parental & Family Caregiver Leave
Emergency Backup Care
Long-Term, Short-Term Disability, and Critical Illness plans
Life Insurance
401k/403B with Employer Match
Tuition Assistance – $5,250/year and discounted educational opportunities through Guild Education
Student Debt Pay Down – $10,000
Reimbursement for certifications and free access to complete CEUs and professional development
Pet Insurance
Legal Resources Plan
Colleagues have the opportunity to earn an annual discretionary bonus if established system and employee eligibility criteria is met.