Information Security Analyst

We have an opportunity to join the Alliance as an Information Security Analyst in the Information Technology Services Division.

Reporting to the Information Security Manager, this position:

• Performs analysis of Alliance information security practices to ensure alignment with industry standards and guidelines
• Identifies, investigates, and resolves security breaches detected by Alliance security solutions
• Participates in the creation and maintenance of policies, standards, guidelines, and procedures related to information security
• Leads and performs staff training on information security and security breach prevention

THE IDEAL CANDIDATE

• Brings a broad foundation across multiple areas of information security, including network security, endpoint protection, identity and access management, and cloud security, in a healthcare environment
• Demonstrates strong knowledge of security frameworks (e.g., NIST, ISO 27001, CIS Controls) and regulatory requirements (e.g., HIPAA, PCI-DSS, GDPR)
• Skilled in monitoring, analyzing, and responding to security incidents using SIEM tools and other detection technologies
• Able to perform vulnerability assessments, interpret findings, and recommend practical remediation steps
• Comfortable with both proactive (risk assessments, audits, security awareness training) and reactive (incident response, forensic analysis) security functions
• Effective communicator who can explain technical risks and solutions to both technical teams and non-technical stakeholders
• Strong problem-solving mindset and attention to detail; able to anticipate threats and implement preventive measures
• Demonstrated ability to collaborate across IT, compliance, and business units to align security with organizational goals
• Keeps current with emerging cyber threats, trends, and best practices
• CISSP or CISM a plus

WHAT YOU'LL NEED TO BE SUCCESSFUL

To read the full position description and list of requirements, click here.

• Knowledge of:




• HIPAA and FISCAM security guidelines
• Computer network penetration testing
• Security frameworks, such as NIST, ISO 27001, and COBIT
• Firewalls, proxies, SIEM, antivirus, and IDPS concepts
• Security systems, operating systems, and virtualization




• Ability to:
  
  
  
  • Identify, mitigate and educate staff regarding the avoidance of network vulnerabilities
  • Write clearly, concisely and precisely and convey information to the intended audience in a manner that is easily understood
  • Interpret and synthesize a wide range of information from a variety of sources and translate complex information and concepts into clear, succinct documentation
  • Develop training materials and conduct staff training
  • Demonstrate strong analytical and problem-solving skills, define issues, conduct research, and analyze and interpret data
  
  
  
  
• Education and Experience:
  
  
  
  • Bachelor's degree in Information Technology, Cybersecurity, Computer Science, or a related field
  • A minimum of eight years of professional-level information technology experience, which included a minimum of three years of experience performing information security functions in a health care environment (a Master's degree may substitute for two years of the required experience); or an equivalent combination of education and experience may be qualifying
  
  
  
  

OTHER INFORMATION

• We are in a hybrid work environment and we anticipate that the interview process will take place remotely via Microsoft Teams.
• While some staff may work full telecommuting schedules, attendance at quarterly company-wide events or department meetings will be expected.
• In-office or in-community presence may be required for some positions and is dependent on business need. Details about this can be reviewed during the interview process.

The full compensation range for this position is listed by location below.

The actual compensation for this role will be determined by our compensation philosophy, analysis of the selected candidate's qualifications (direct or transferable experience related to the position, education or training), as well as other factors (internal equity, market factors, and geographic location).

Typical areas in Zone 1: Bay Area, Sacramento, Los Angeles area, San Diego area

Typical areas in Zone 2: Fresno area, Bakersfield, Central Valley (with the exception of Sacramento), Eastern California, Eureka area