Support ServicesMiamisburg,Ohio/Hybrid/Onsite Full Time Days

Reports To: Manager of Information Security

Responsibilities & Requirements

The Information Security Analyst II supports the protection of sensitive healthcare information, clinical systems, and technology infrastructure. This role focuses on threat detection, incident response, vulnerability management, and compliance with healthcare regulations such as HIPAA. The analyst collaborates with IT, clinical, and business stakeholders to reduce risk and ensure the confidentiality, integrity, and availability of electronic protected health information (ePHI).

Job Requirements: 

• Associate’s degree in Cybersecurity, Information Technology, Computer Science, or a related field (or equivalent experience). 
• 3–5 years of experience in information security, security operations, or related IT roles

Hands‑on experience with:

• Security monitoring and incident response
• Vulnerability management tools and processes
• Endpoint, network, and identity security controls
• Microsoft Windows Administration (AD/Azure, Exchange, etc.)

Working knowledge of:

• HIPAA Security Rule requirements
• Windows and Linux operating systems
• Networking fundamentals (TCP/IP, DNS, firewalls)
• Common attack techniques targeting healthcare environments
• Strong analytical, documentation, and communication skills
• Ability to work effectively in a regulated, patient‑care‑focused environment

Job Responsibilities:

• • Monitor security events and alerts using SIEM, EDR, and other security tools to detect potential threats impacting healthcare systems and data
  • Investigate, respond to, and document security incidents involving ePHI, clinical applications, and enterprise infrastructure
  • Support incident response activities including containment, recovery, root‑cause analysis, and post‑incident reporting
  • Conduct vulnerability scanning and risk assessments of servers, endpoints, medical devices, and healthcare applications
  • Assist with remediation efforts and validate security control effectiveness in collaboration with IT, clinical engineering, and application teams
  • Support compliance with healthcare regulatory requirements including HIPAA, HITECH, and organizational security policies
  • Participate in audits, risk assessments, and third‑party security reviews
  • Maintain and update security documentation, incident response playbooks, and standard operating procedures
  • Contribute to security awareness initiatives and provide guidance to staff on protecting patient information
  • Server as a mentor for junior analysts, coaching and growing their skills capabilities
  • Stay informed of emerging healthcare cybersecurity threats, ransomware trends, and industry best practices

Preferred Qualifications

Preferred Qualifications

• Experience in healthcare, hospital, payer, or clinical environments
• Familiarity with electronic health record (EHR) platforms and clinical systems
• Experience securing cloud‑based healthcare workloads (Azure, AWS, or GCP)
• Scripting or automation experience (PowerShell, Python, or similar)
• Certifications such as:
  • CompTIA Security+ or CySA+
  • CISSP, HCISPP, SSCP, GCIH, or similar