Information Security Analyst

Operation PAR, Inc. • Largo, FL, US • 16h geleden

ABOUT THE ORGANIZATION:

Operation PAR, Inc. is a non-profit organization offering the full continuum of services for individuals with substance use and/or mental health disorders.  PAR has been providing comprehensive behavioral health treatment in west Florida since 1970 through advocacy, education, clinical services, and research.

BENEFITS:

9 paid holidays per year
3 weeks of PTO per year (on top of holidays).  PTO increases to 4 weeks/year after 2 years of employment, and then to 5 weeks/year after 5 years of employment.
Medical/Dental/Vision/Life Insurance
401k matching
Tuition reimbursement
Continuing education, reimbursement for professional certifications, licensure and qualified supervision.

GENERAL DESCRIPTION: The Information Security Analyst is responsible for safeguarding the organization’s information systems, networks, and data, with a primary focus on protecting Protected Health Information (PHI) and Personally Identifiable Information (PII) in a nonprofit healthcare environment. This role supports the organization’s cybersecurity program through monitoring, analysis, incident response, risk management, and compliance activities aligned with regulatory frameworks such as HIPAA and HITECH, as well as 42 CFR part 2. This position will be responsible for helping the executive team to set the direction for overall information security within the environment.

KEY RESPONSIBILITIES:

Security Operations & Monitoring:

Monitor security tools (SIEM, EDR, IDS/IPS, email security platforms)
Analyze security alerts and respond appropriately
Conduct log analysis across systems
Participate in vulnerability scanning and remediation tracking

Incident Response & Threat Management:

Support incident response lifecycle
Document incidents and maintain evidence
Assist in ransomware preparedness exercises
Collaborate with IT and business units

Risk Management & Compliance:

Assist in HIPAA risk assessments
Maintain security policies and procedures
Support compliance with HIPAA, HITECH, 42 CFR part 2, and NIST CSF
Participate in audits as required

Security Awareness & Training:

Support phishing simulations and training
Educate staff on PHI handling
Promote cybersecurity awareness

System & Data Protection:

Maintain IAM and MFA controls
Support encryption and DLP strategies
Review access for least privilege

Collaboration & Continuous Improvement:

Work with IT, clinical teams, and other departments across the organization to ensure compliance
Stay current on threats
Recommend security improvements

Key Competencies:

Analytical thinking
Attention to detail
Communication skills
Integrity
Task prioritization

REQUIRED QUALIFICATIONS:

Degree in Cybersecurity/IT or equivalent experience
Minimum 2 years progressive experience
Knowledge of networking, operating systems, and security principles
Familiarity with PHI protection

PREFERRED QUALIFICATIONS:

Security+ or CISSP certification
Healthcare or nonprofit experience
Experience with SIEM, EDR, cloud security
Familiarity with NIST CSF or HITRUST

ESSENTIAL JOB FUNCTIONS:

Commitment to workplace of dignity and respect
Compliance with all Equal Employment Opportunity rules and guidelines
Ability to work with others cooperatively and cordially in a spirit of teamwork
Ability to appear at work as scheduled, mindful of the company’s attendance policies
Ability to accept direction from managers and supervisors in a respectful and collaborative manner

SPECIAL REQUIREMENTS: