Lead Security Analyst - IS-Security

About The Position

Requirements

• Bachelor’s degree and five (5) years of Information Security or Information Technology experience. An equivalent combination of education and experience relevant to the role may be considered for this position.
• Industry recognized cyber-security certification (CCSP, CISSP, CEH, CCIE).
• Strong understanding of security operations, including SIEM monitoring, log analysis, threat detection, and incident response workflows.
• Knowledge of network security concepts such as segmentation, firewalls, IDS/IPS, VPNs, and secure communication protocols.
• Understanding of vulnerability management processes, scanning tools, patching cycles, and exploit behavior.
• Familiarity with endpoint security technologies, including EDR, anti‑malware, disk encryption, and device control.
• Familiarity with common attack vectors, threat actor tactics, and MITRE ATT&CK techniques.
• Skilled in scripting or automation (PowerShell, Python, Bash) to streamline operational tasks.
• Ability to conduct vulnerability assessments and coordinate remediation with system owners.
• Skilled in documenting incidents, technical findings, and operational procedures clearly and accurately.
• Ability to support secure system design and provide technical input during solution deployments.

Nice To Haves

• Master’s degree or equivalent.
• Eight (8) years of Information Security or Information Technology experience.
• Multiple industry recognized cyber-security certifications (CCSP, CISSP, CEH, CCIE).

Responsibilities

• Partner with the Chief Information Security Officer (CISO) to define and refine strategic information security requirements, ensuring alignment with organizational goals and regulatory obligations across healthcare and academic environments.
• Lead the development of project plans and oversee the execution of approved security initiatives, ensuring timely delivery, resource coordination, and effective risk mitigation.
• Provide advanced technical expertise to safeguard data confidentiality, system integrity, system reliability, and secure recovery capabilities, ensuring compliance with HIPAA, FERPA, and other applicable standards.
• Direct and conduct investigations into unauthorized access, data modification, disclosure, or destruction, and design preventive controls to reduce future risk.
• Oversee the evaluation, selection, deployment, and maintenance of security technologies, including software, utilities, and hardware, and guide remediation efforts for identified vulnerabilities.
• Serve as a primary authority on security architecture and design, ensuring that systems and solutions are resilient, scalable, and aligned with best practices.
• Develop and maintain technical security standards, monitoring frameworks, and incident investigation procedures to support institutional policies and regulatory requirements.
• Lead efforts to identify, analyze, and resolve security vulnerabilities, operational risks, and audit findings across applications, infrastructure, and legacy systems.
• Provide leadership, coaching, and mentorship to security team members, fostering professional growth and strengthening team capabilities.
• Lead or support investigations involving theft of information resources, misuse of systems, or violations of institutional information security or privacy policies.
• Oversee monitoring of enterprise systems for indicators of compromise, direct incident response activities, and perform trend analysis to proactively identify emerging risks.
• Collaborate effectively with cross-functional teams, serving as a senior technical resource and contributing to a culture of security across the organization.
• Participates as a team member.
• Adheres to internal controls and reporting structure.
• Performs related duties as required.