SR CYBER SECURITY ANALYST

Job Summary

The Senior Security Analyst position will provide security strategies, implement security initiatives, and respond to security incidents. This position helps design, implement, manage, and monitor technical, administrative, and physical controls to protect the confidentiality, integrity, and availability of NHG’s information assets. The Senior Security Analyst will serve as a trusted authority on cybersecurity practices, policies, and technologies, acting as a liaison between IT and business teams to balance organizational security needs with operational efficiency.

ESSENTIAL DUTIES AND RESPONSIBILITIES include the following. Other duties may be assigned.

· Collaborate with the Security team, IT Leaders, organizational stakeholders, and the Head of IT in the development and execution of Information Security strategies.

· Protect NOW Health Group’s on-premises and Coud systems, networks, and applications against all security breaches.

· Act as a technical point of contact during security incidents.

· Contain, investigate, remediate, and document information security incidents.

· Research threat actors, tactics, techniques, procedures, malware, and other Indicators of Compromise (IoC).

· Assess, monitor, and report IT vulnerabilities.

· Prepare and analyze security reports to identify trends and drive secure behaviors throughout the organization.

· Perform forensic analysis.

· Assist in developing security standards, policies, and procedures for NOW Health Group.

· Participate in management and implementation of IT projects and help deliver them on time, on budget and according to required specifications.

· Stay up to date on latest security technologies, techniques, vendors, and make recommendations to enhance the cybersecurity posture of the company.

· Provide mentorship and training to Security and IT Teams.

· Some after-hours and on-call support will be required.

SAFETY RESPONSIBILITY STATEMENT

Supports a culture of safety; follows all workplace health and safety procedures. Responsible for safety performance in respective area. Ensures the implementation of, adherence to, and enforcement of workplace health and safety requirements. Ensures activities are completed to promote and enforce safe behaviors by supervisors and employees. Ensures injury prevention efforts are effectively implemented. Fulfills responsibilities as outlined in the company safety management plan.

QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required.

· Minimum 10 years of security-specific work experience.

· Hands-on experience with security technologies including SIEM, IDPs, EDR software, proxies, and firewalls.

· Knowledge of penetration testing, network security, patch management, and the techniques used to expose and correct security flaws.

· Proficiency with the MITRE ATT&CK framework and threat intelligence applications.

· The ability to identify and spotlight vulnerabilities in on-premises and remote networks, remediate problems, and prevent security breaches.

· Experience with threat-led penetration testing, attack simulation, and red/blue team exercises.

· Experience managing a ticket queue, working on multiple issues at once, while providing regular updates to customers, leadership, and teammates.

· Experience with network monitoring and management tools, including network analyzers.

· A strong focus on attention to detail, timely delivery, and satisfying user requirements.

· Develop and maintain relationships with key business areas and platform owners to provide ongoing assurance, helping to identify security risks in applications.

EDUCATION and/or EXPERIENCE

· Bachelor's degree from four-year college or university; and at least nine years of related cybersecurity experience and/or training; or equivalent combination of education and experience.

· Must have at least one of the following certifications: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CompTIA Advanced Security Practitioner (CASP ).

LANGUAGE SKILLS

· Good oral and written communication skills.

· Ability to effectively respond to requests, present information, and drive adoption of Security practices across the organization.

· Ability to read, analyze, apply and improve technical SOPs.

· Ability to read and interpret documents such as procedure manuals, professional journals, operating and maintenance instructions, and safety rules.

· Strong ability to create detailed documentation to drive efficiency of operations.

REASONING ABILITY

· Soft skills such as analytical thinking, problem-solving, attention to detail, critical thinking, and data driven analysis.

· Sound decision making and trouble-shooting ability with an aptitude for solving difficult problems using creative solutions.

PHYSICAL DEMANDS

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

WORK ENVIRONMENT

The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

 2025 BENEFITS AT A GLANCE