About Streamline:

Streamline’s mission is to build innovative technology solutions that empower people who improve behavioral health and quality of life of those in need. We are a high growth technology company that delivers web-based software for healthcare organizations to provide and coordinate all service delivery processes. Streamline has been offering software in the behavioral health marketplace since 2003. Streamline has built and maintains systems for some of the nation’s premier behavioral health organizations using the latest web-based technology.

Streamline offers competitive compensation and benefits packages as well as a challenging, yet flexible, work environment that is conducive to collaboration and productivity. A career with Streamline Healthcare Solutions provides opportunities for growth and continued learning in a workplace where individual contribution is valued and recognized. Join us, and advance your career today with a company that is on the cutting edge of the behavioral healthcare technology industry.

Here at Streamline, we strive on building lasting and trusting relationships with our clients, and our employees set the bar.

Job Overview:

The Security Analyst is a hands-on role that will lead the monitoring and maintaining of
Streamline’s security perimeter and make recommendations, based on analysis and findings, for
security improvements. This position will apply solid technical, business, and problem solving skills to
diagnose and resolve issues. The Security Analyst will coordinate with vendors, customers, and
Streamline staff to ensure company documentation (procedures, processes, contractual language,
best practices, configuration specifications) is in place and kept up-to-date. This position will
participate in the monthly server maintenance schedule.

The IT Security Analyst will lead efforts ensuring compliance with HIPAA, NIST (and other security
frameworks), FISMA, FedRAMP, and other regulations and best practices. The Security Analyst will
work independently to understand security needs and develop/support security solutions. The
Security Analyst will assist, consult, train and mentor other NOC team members and Support Team
staff and provide direct technical guidance with tasks as necessary. Other responsibilities include
facilitating customer meetings and periodically facilitating security training sessions for staff and
customers.

Essential Job Functions:

• Track and resolve identified security issues as identified in penetration tests, security audits, Streamline’s security risk assessment program, Azure Tools (Microsoft Defender for Cloud - formerly Azure Security Center and Azure Defender), and other security tools.
• Ensure compliance with Streamline’s Disaster Recovery and Business Continuity plans (including periodic testing and desktop exercises)
• Work with internal and external parties in support of IT compliance-related documentation requests, corrective actions, and incident response reporting
• Secure network, hardware, desktops, laptops, mobile devices and all company data
• Routinely perform internal and external risk analysis, security audits, vulnerability assessment, and penetration testing
• Monitor traffic and regularly review various logs from routers, UTMs, firewalls, intrusion prevention systems. Configure and monitor SIEM logs and events and work with designated Managed Detection and Response vendors.
• Develop and implement security policies
• Identify areas of non-compliance and make recommendations for achieving compliance
• Coordinate data destruction and secure disposal of hardware
• Actively work to reduce risk levels of data loss from malware, antivirus and ransomware
• Have a good understanding of general networking concepts and protocols
• Monitor, assess, and report compliance with internal controls including segregation of duties, authorizations, access control, and general IT controls related to the confidentiality, integrity, and availability of customer data
• Monitor the organization’s networks and systems for security breaches or intrusions; develop and/or activate contingency planning in the event of a security breach
• Evaluate the design and effectiveness of IT controls based upon industry best-practice models (e,g. ITIL, FISMA, NIST, etc.)

Job Requirements:

Bachelor's degree from four-year college or university in Business Administration, Information Systems Management, or other relevant fields; or 6 years related experience and/or training; or equivalent combination of education and experience. 5 years of experience in support services or technology management.

• Minimum 5 years of experience directly related to information security
• Five plus years working experience with FISMA, HIPAA and/or NIST 800-53
• SSCP (Systems Security Certified Practitioner), CISSP (Certified Information Systems Security Professional) or CEH (Certified Ethical Hacker) certification is preferred
• Experience with using security tools such as NMAP, Qualys, and SIEMs
• 3 years of security experience with Azure Cloud (or other cloud provider)
• Excellent written and oral communication skills
• Strong critical thinking, analytical thinking, and problem-solving abilities