Cybersecurity Analyst

Overview

Now is the time to join us! 

We’re Personify Health. We’re the first and only personalized health platform company to bring health, wellbeing, and navigation solutions together. Helping businesses optimize investments in their members while empowering people to meaningfully engage with their health. At Personify Health, we believe in offering total rewards, flexible opportunities, and a diverse inclusive community, where every voice matters. Together, we’re shaping a healthier, more engaged future.

Responsibilities

Who are you?

• As Cyber Security Analyst for the industry leading employee wellbeing and engagement platform, you will be a key team member responsible for ongoing prevention, detection and response to cyber threats across all the company’s systems.
• Reporting to the Manager, Information Security, your core responsibilities will include working with our InfoSec, CyberSecOps, CyberSecEng, Fraud Prevention, and Corporate Systems teams to ensure security alerts and fraud prevention items are actioned within SLA’s, configured, deployed and performing optimally.
• Key responsibilities will include monitoring tools and ensuring the security of data and systems through preventing, identifying and remediating weaknesses and vulnerabilities across our technical infrastructure, applications and platforms.

This is a hands-on roll involving maintenance and management of production and corporate security alerts across tools in addition to actively working on ticket backlogs, Incident Response and Fraud Prevention.

In this role you will wear many hats, but your knowledge will be essential in the following:  

• Design and Implement Security Measures: Develop and maintain security systems to protect against cyber-attacks and data breaches.
• Monitor Networks: Continuously monitor network traffic for suspicious activity and respond to security incidents.
• vulnerability Assessments: Collaborate on regular penetration testing and vulnerability assessments to identify and address security weaknesses.
• Develop Security Policies: Create and enforce security policies and best practices across the organization.
• Incident Response: Quickly respond to and mitigate security breaches, including performing digital forensics.
• Collaborate with IT Teams: Work closely with other IT professionals to ensure comprehensive security measures are in place.
• Assist a team of CyberSecOps Engineers and Cyber Security Analysts'
• Monitor AWS and Azure security dashboards (Guard Duty, Security Hub, VPC Flow Logs, Sumo Logic, Reliaquest etc).
• Continuously assess endpoint security control coverage, escalating gaps to appropriate teams for corrective action where required.
• Create and manage security metric dashboards for use within the team and provide management reporting.
• Lead event analysis for network and system alerts in addition to anomalous platform activity, supporting internal and customer facing teams with accurate and timely log review and follow up.
• Participate Red / Blue Team and CSIRT exercises, involving stakeholders across the business.
• Regularly audit public IP space and DNS records including cloud hosting resources.
• Manage cyber reputation tools to ensure findings are reviewed and resolved efficiently.
• Deliver weekly reporting on core security metrics to applicable stakeholders.
• Support business teams to interpret governance requirements into technical controls.
• Manage relationships with security vendors and consultants.
• Guide complex problems from identification to resolution, providing subject expertise to colleagues across the business.
• Investigate, recommend and install security enhancements and operating procedures to enhance security posture and optimize workflows.
• Ensure the confidentiality, integrity and availability of information being processed, stored, accessed or transmitted within systems and networks.
• Support the planning and execution of business continuity and disaster recovery tests.
• Serve as lead and escalation point for security events.
• Coordinate with stakeholders across the business for mitigations pertaining to ongoing security threats to the organization as needed.
• Participate in on call rotation providing after hours and weekend coverage

You’ll be rewarded and recognized for your performance in an environment that will challenge you and give you clear direction on what it takes to succeed in your role as well as provide development for other roles you may be interested in.

Qualifications

What you bring to the Personify Health Team:

In order to represent the best of what we have to offer you come to us with a multitude of positive attributes including:

• Education: Typically, a bachelor's degree in cybersecurity, computer science, or a related field.
• Advanced degrees can be beneficial.
• Certifications: Relevant certifications like CISSP, CEH, or CompTIA Security+ are often required.
• Experience: Practical experience through internships or previous roles in IT security.

You also take pride in offering the following Core Skills, Competencies, and Characteristics:

• Technical Skills: Proficiency in firewall installation, intrusion detection systems, encryption technologies, and network security protocols.
• Programming Knowledge: Familiarity with programming languages such as Python and knowledge of operating systems like Windows, Linux, and UNIX.
• Analytical Skills: Strong problem-solving abilities and attention to detail.
• Communication Skills: Ability to clearly communicate security measures and protocols to non-technical staff.
• Education and Certifications: A bachelor's degree in cybersecurity, computer science, or a related field is typically required. Certifications like CISSP or CISM are highly valued Hungry, Humble and Smart attitude.
• Interest in SaaS Cyber Security / SecOps roles.
• Ability to prioritize and execute tasks in a high-pressure environment and take direct instruction during emergency situations.
• In depth experience with SIEM, Endpoint Protection, Data Loss Prevention, Intrusion
• Detection and Cloud Security management.
• Previous responsibility in management of security vendors and budgets
• Demonstrated ability to prioritize and treat technical risks.
• Previous work supporting of SOC, ISO, PCI, and HITRUST certification and compliance programs.
• Experience in vulnerability management programs and patch management.
• Able to provide technical and professional leadership, guidance, and training to others.
• Ability to build relationships and communicate effectively with peers across all business functions.

No candidate will meet every single desired qualification. If your experience looks a little different from what we’ve identified and you think you can bring value to the role, we’d love to learn more about you!

Personify Health is an equal opportunity organization and is committed to diversity, inclusion, equity, and social justice.

We strive to cultivate a work environment where differences are celebrated, and employees of all backgrounds are empowered to thrive. Personify Health is committed to driving Diversity, Equity, Inclusion and Belonging (DEIB) for all stakeholders: employees (at each organization level), members, clients and the communities in which we operate. Diversity is core to who we are and critical to our work in health and wellbeing.