Job Details

No Corps

Direct Hire

Onsite in Knoxville, TN

Position Summary:

Under minimal supervision, the Cybersecurity Analyst, Sr., is responsible for protecting client's information systems and data assets from cyber threats. This role involves monitoring, analyzing, and responding to security incidents, managing cybersecurity tools and platforms, and ensuring compliance with healthcare regulations such as HIPAA and HITECH, while adhering to frameworks such as NIST and HITRUST. The analyst will work closely with IT infrastructure, application teams, and clinical departments to implement security best practices and maintain a secure environment across the enterprise.

Position Accountabilities and Performance Criteria:

1. Monitor and respond to security alerts and incidents using SIEM and EDR platforms.

1. Conduct vulnerability assessments and coordinate remediation efforts with system and network teams.

1. Develop and maintain security policies, procedures, and standards aligned with NIST and CIS frameworks.

1. Lead investigations of security breaches and coordinate incident response activities.

1. Perform regular audits of access controls, user permissions, and privileged accounts.

1. Collaborate with infrastructure and application teams to ensure secure system configurations and patch management.

1. Support compliance initiatives including HIPAA, HITECH, PCI-DSS, and other regulatory requirements.

1. Conduct risk assessments and recommend mitigation strategies for new technologies and projects.

1. Provide cybersecurity awareness training and guidance to staff across the organization.

1. Participate in interdisciplinary IT projects to ensure security is embedded throughout the system lifecycle.

1. Maintain current knowledge of emerging threats, vulnerabilities, and cybersecurity technologies.

1. Assist in the design and implementation of security architecture, including firewalls, VPNs, and identity management solutions.

1. Document and report on security metrics, incidents, and risk posture to IT leadership.

1. Implement continuous security monitoring and threat intelligence analysis.

1. Support forensic investigations and digital evidence collection.

1. Ensure secure cloud adoption, and configuration (Azure, AWS, Microsoft 365).

1. Research, prototype and recommend new security tools, processes, or capabilities that will enhance client's controls

1. Collaborate with legal and compliance teams during audits and regulatory reviews.

1. Follows policies, procedures, and safety standards. Completes required education assignments annually. Works toward achieving goals and objectives, and participates in quality improvement initiatives as requested.

1. Performs other duties as assigned.

Minimum Education: Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent work experience and certifications (e.g., Security+, CySA+, GSEC, CISSP, CISM, CEH, GIAC) will be considered.

Minimum Experience: Seven (7) years of experience in IT, with at least five (5) years focused on cybersecurity in a large, complex environment.