Security Analyst
Alpharetta, GA - USA
Job Summary
For 30 years Surgical Information Systems (SIS) has empowered surgical providers to Operate Smart by delivering innovative software and services that drive clinical financial and operational success. For ambulatory surgery centers (ASCs) SIS provides comprehensive software and services including ASC management electronic health records (EHRs) patient engagement capabilities compliance technology and revenue cycle management and transcription services all built specifically for ASCs. For hospital perioperative teams SIS offers an easy-to-use anesthesia information management system (AIMS).
Serving over 2900 surgical facilities SIS is committed to delivering solutions that enable surgical providers to focus on what matters most: delivering exceptional patient care and outcomes.
Recognized as the No. 1 ASC EHR vendor by Black Book for 11 consecutive years and honored with the Best in KLAS Award for ASC Solutions inand 2022 SIS remains the trusted choice for surgical providers seeking to enhance their performance.
Discover how SIS can help you Operate Smart at .
The Security Analyst owns the day-to-day analytical and coordination workload across security operations vulnerability management identity governance incident response support audit readiness and security control monitoring. The role acts as an execution partner to the Security Manager providing operational depth disciplined follow-through and clear escalation. Management retains accountability for security strategy architecture decisions material risk acceptance and executive governance. This role supports the confidentiality integrity and availability of systems that process sensitive healthcare information for more than 2900 ambulatory surgery centers nationwide.
- Complete work in a thorough and timely manner in accordance with applicable standards defined plans budgets schedules and risk priorities.
- Nothing in this job description restricts managements right to assign or reassign duties and responsibilities to this job at any time.
ESSENTIAL DUTIES/ RESPONSIBILITIES:
- Monitor analyze and triage security alerts anomalous activity vulnerabilities suspicious access and potential data exposure events across cloud SaaS endpoint network and identity environments.
- Conduct initial incident triage and investigation. Collect and preserve relevant evidence document findings and coordinate escalation containment and remediation activities under established incident response procedures.
- Coordinate vulnerability prioritization remediation tracking exception documentation and closure validation with IT DevOps development and applicable system owners.
- Support identity governance activities including user access reviews privileged access reviews MFA and conditional access validation service account reviews and termination and offboarding checks.
- Validate security control coverage and configuration effectiveness identify gaps and coordinate with control owners to support timely risk reduction and remediation.
- Support SOC 2 HITRUST HIPAA client security request and audit readiness activities through evidence collection control testing support documentation and issue follow-up.
- Prepare clear operational reporting on security events vulnerabilities cloud and SaaS risk indicators incident trends remediation status and control coverage.
- Participate in security reviews of product changes cloud deployments vendor integrations and technical designs by identifying gaps documenting findings and escalating material risk to the Security Manager.
- Prepare concise findings risk summaries and remediation recommendations for review by the Security Manager and CISO.
- Maintain accurate documentation of procedures investigations and recurring security operations tasks
SPECIFIC KNOWLEDGE & SKILLS REQUIRED:
- Three to five years of experience in security operations systems administration network administration cloud administration or similar technology environments; healthcare IT or SaaS experience preferred.
- Hands-on experience with security monitoring incident triage vulnerability management log analysis identity security concepts cloud security concepts data protection and audit support.
- Working knowledge of HIPAA-related security and privacy expectations SaaS or healthcare technology environments third-party risk and secure handling of sensitive data.
- Ability to work independently on assigned operational priorities while escalating material risks blockers and decisions requiring management direction.
- Strong written and oral communication and documentation skills with the ability to translate technical findings into concise risk and remediation summaries for technical and non-technical stakeholders.
- Perform other duties as assigned.
CERTIFICATIONS:
- Security cloud or incident response certification preferred (such as Security CySA AZ-500 or GCIH) or ability to achieve a relevant certification within the first year.
BENEFITS:
- Benefit package including Medical Vision Dental Short Term Disability Long Term Disability and Life Insurance
- Vacation/Sick time
- 401(k) retirement plan with company match
- Paid Holidays
- SIS Cares Day
- Hybrid or Remote environment depending on the role
We believe employees are our greatest asset and we empower them to make a difference in our business. Diversity and inclusion makes us all better. Qualified applicants will receive consideration for employment without regard to race color religion sex national origin sexual orientation gender identity age disability protected veteran status and all other protected statuses
Surgical Information Systems is an Equal Opportunity Employer and complies with applicable employment laws. M/F/D/V/SO are encouraged to apply.
At this time we are unable to sponsor H1B candidates
Required Experience:
IC
About Company
Serving surgery providers for 20+ years, Surgical Information Systems offers software solutions and services for ambulatory surgery centers & hospitals.