Job Description
Job Summary:
Fortified Health Security is seeking a hands-on Information Security Analyst to support a healthcare client through a full-time, staff augmentation engagement. This Security Analyst will work directly with the client’s technology and operations teams as well as Fortified’s vCISO and EOD team to assist with a variety of technical security tasks—focusing on email security, endpoint protection, firewall administration, and user access governance. This role involves day-to-day operational support and project work across several security platforms and tools.
Client-Specific Responsibilities:
The following duties are normal for this position. The omission of specific statements of duties does not exclude them from being expected of this position if the work is similar, related, or a logical assignment for this position. Other duties may be required.
· Email & Messaging Security: Support O365 environment; understand Mimecast, Abnormal, and Exchange routing. Assist with email spoofing/spam reviews and graymail analysis.
· Phishing Defense: Coordinate second-pass reviews via Abnormal or KnowBe4 PhishER.
· Endpoint Security: Support CrowdStrike Falcon Suite and Morphisec. Address endpoint alerts and perform host group maintenance.
· Firewall Rule Adjustments: Create and adjust N/S and E/W rules using Palo Alto and Panorama. Some Cisco ASA involvement for server-to-web or rule-based filtering.
· Web Gateway Oversight: Administer or monitor Trellix/Skyhigh configurations.
· MFA/SSO: Assist with DUO enrollments and resets; support Azure SSO scenarios as needed.
· Policy & Procedure Support: Contribute to documentation and configuration standards for tools in use.
· Incident Handling: Triage detections escalated from CrowdStrike or abnormal activity in O365 or other security platforms. Investigate security breaches and other cybersecurity incidents.
· Help standardize control operations across cloud (M365), endpoint, and perimeter defense systems.
· Collaborate with the Client’s security team, the Client’s third parties, and Fortified departments to ensure a holistic approach to cybersecurity.
Essential Job Functions:
· Have an understanding of healthcare business operations, the healthcare cybersecurity landscape, and the healthcare regulatory environment.
· Collaborate with Fortified’s vCISO to mature the client’s security posture and close documented gaps.
· Assist vCISOs in the identification and proposal of key information security priorities, initiatives, plans, practices, and tools.
· Research potential and emerging information security threats, vulnerabilities, and potential control techniques and communicate this information to client contacts.
· Develop necessary policies / procedures / processes pertaining to Cybersecurity Risk Management.
· Install security measures and operate software to protect systems and information infrastructure.
· Develop security policies, procedures, standards, and runbooks.
· Document security breaches and assess the damage they cause.
· Work with the Client’s security team to perform tests and uncover vulnerabilities.
· Develop company-wide best practices for IT security.
· Document and communicate recurring patterns or systemic issues requiring escalation or strategic remediation.
· Help clients install security software and understand information security management.
· Research security enhancements and make recommendations to vCISOs/client leadership.
· Stay current on evolving cybersecurity threats and how they impact email, endpoint, and identity systems.
· Analyze security breaches to identify the root cause.
· Verify the security of third-party vendors and collaborate with them to meet security requirements.
· Ability to multitask and prioritize daily workload.
· Resourcefulness and ability to take the initiative in development and completion of work projects.
Knowledge & Skills:
Education & Experience
· 3+ years in IT or information security in a hospital environment
· Bachelor's degree from a four-year college or university or combination of education and experience.
· Working knowledge of:
o Mimecast, Microsoft 365 (O365), Exchange hybrid environments
o Palo Alto firewalls, Panorama management
o Endpoint Detection and Response (EDR) tools such as CrowdStrike
o Web gateways and DLP tools (Trellix/Skyhigh preferred)
o MFA solutions (DUO, Azure SSO)
o Security operations workflows and tools like Abnormal, Morphisec, and PhishER
· Strong understanding of network security concepts, firewalls, intrusion detection/prevention systems (IDS/IPS), MFA, Asset Management, DLP, Application Control, etc.
· A consultative background is preferred.
· Experience with security information and event management (SIEM) tools and principles.
· Experience with security orchestration, automation, and response (SOAR) tools.
· Experience with cloud security concepts (AWS, Azure, GCP).
· Scripting experience (PowerShell or Python) is a plus but not required.
· Three or more years of general network (WAN) experience is a plus.
Special Skills & Knowledge
· Demonstrate strong problem-solving skills and a desire to learn; be a self-starter with a can-do attitude; excellent customer relationship skills; excellent communication skills; ability to handle sensitive information; good verbal and written skills; team player.
· Analytical mindset and critical-thinking abilities; data-driven.
· Self-motivated individual capable of working in a fast-paced, dynamic environment.
· Detail and results oriented, skilled at both planning and hands-on execution.
· Ability to excel in a team-oriented, collaborative, and fast-paced environment.
· Excellent written, verbal, and presentation skills.
· Working knowledge of all network technology, including LAN and WAN concepts, wireless technology, and VoIP concepts, preferred.
· Troubleshooting skills.
· Must have strong analytical and problem-solving skills, as well as excellent interpersonal and communication skills and abilities.
· Ability to effectively communicate with a wide range of individuals and constituencies in a diverse healthcare setting.
Licenses, Certifications, etc.
· One or more of the following certifications are preferred: GSEC, Security+, SSCP, CSA+, CASP+, Palo Alto Certified Network Security Administrator (PCNSA), CISSP
Requirements:
Supervisory Responsibility
· N/A
Working Conditions & Travel Requirements
· Travel as needed.
Fortified Health Security is an Equal Opportunity Employer. In compliance with the Americans with Disabilities Act, Fortified Health Security will provide reasonable accommodations to qualified individuals with disabilities. If a reasonable accommodation is needed to perform this position, you need to inform the Fortified Health Security People and Culture Team of the request. Signatures below indicate the receipt and review of this job description by the associate assigned to the position and the People and Culture Team.