Junior Cybersecurity Analyst
Description:
Job Description
Description:
Overview
SpendMend is the leading provider of tech-enabled solutions to optimize the cost cycle for the healthcare industry. The Company serves more than a third of the top 100 health systems and is a market leader in profit recovery services utilizing its tech-enabled platform to generate cost savings for hospitals by identifying instances of payment errors and contract non-compliance within hospitals’ operating expenses.
A Junior Cybersecurity Analyst assists in protecting an organization’s computer systems and networks from cyber threats. This role involves supporting senior analysts in monitoring, detecting, and responding to security incidents, as well as helping to implement security measures.Requirements:
Key Responsibilities:
Assist in Monitoring Security Systems: Help monitor security systems and networks for unusual activity or potential threats.
Support Incident Response: Assist in investigating and responding to security breaches or incidents, including analyzing the cause and mitigating the impact.
Conduct Basic Vulnerability Assessments: Participate in regular vulnerability assessments and penetration tests to identify and address security weaknesses.
Help Develop Security Policies: Support the development and implementation of security policies and procedures to ensure compliance with industry standards and regulations.
Risk Management Support: Assist in assessing and managing risks associated with new technologies, software, and hardware.
Security Awareness Training: Help educate employees on security best practices and conduct training sessions to raise awareness about cybersecurity threats.
Prepare Reports: Assist in preparing detailed reports on security incidents, vulnerabilities, and compliance issues for management and stakeholders.
Collaborate with IT Teams: Work closely with IT teams, management, and external partners to ensure comprehensive security measures are in place.
Qualifications:
1-3 years’ experience in cybersecurity field
Bachelor’s degree in Computer Science, Information Technology, or a related field (or equivalent experience).
Interest in obtaining relevant certifications such as CISSP, CEH, CCSP or CompTIA Security+.
Basic understanding of cybersecurity principles, tools, and technologies.
Proficiency in securing cloud environments, with hands-on experience in both AWS and Azure cloud platforms. This includes configuring security controls, monitoring cloud infrastructure, and ensuring compliance with security standards.
Familiarity with administrative tasks in AWS and Azure, such as user and role management, identity and access management (IAM), network security configurations (e.g., security groups, firewalls), and auditing.
Experience with cloud-native security tools like AWS Security Hub, GuardDuty, Azure Security Center, and Azure Sentinel for monitoring, threat detection, and incident response.
Experience with Microsoft Intune and Group Policy for managing and securing endpoints across the organization. This includes policy configuration, mobile device management (MDM), and ensuring compliance with security standards through centralized device management.
Strong problem-solving and analytical skills.
Willingness to learn and adapt in a fast-paced environment.
Good communication skills and ability to work in a team.
Specific tasks (not for job spec)
Work with management to build out awareness and training (using KnowBe4)
Responsible for consolidation of monthly metrics package
Handle phishing emails
Address EDR reported threats/incidents
Patch/Vulnerability Management
SIEM log reviews
Assistance with HITRUST certification
Review information from Health-ISAC and publish cybersecurity articles
Other projects as assigned by management
We are not able to sponsor work visas for this position.
Full-time