
Brown University Health · 2 months ago

Systems Security Analyst

Brown University Health is a comprehensive academic health system, and they are seeking a Systems Security Analyst to join their Chief Information Security Officer's team. This hands-on role requires technical and analytical expertise to manage security tools, ensure compliance with regulatory requirements, and proactively manage security risks.

Education, Health Care, Medical, Universities
H1B Sponsor Likely

Responsibilities

Consistently applies the corporate values of respect, honesty and fairness and the constant pursuit of excellence in improving the health status of the people of the region through the provision of customer-friendly, geographically accessible and high-value services within the environment of a comprehensive, integrated academic health system. Is responsible for knowing and acting in accordance with the principles of the Brown University Health Corporate Compliance Program and Code of Conduct.
Monitors, configures and takes remediation actions surrounding SIEM, Alerting / Detection (Network & Endpoint), Log Management, Phishing (Detection & Response), Digital Forensics, Penetration Testing, Zero-Trust architecture, threat-informed defense (MITRE ATT&CK), O365, and security automation
Monitor and configure security controls across multi-cloud (Azure / AWS) environment as needed
Assists in the development and documentation of security architecture, policies, standards, and procedures
Works with third party partners and services to ensure Brown University Health receives value and performance in accordance with contractual agreement
Participate in cloud / on-premises Incident Response processes, including tabletop exercises for breach scenarios
Ensure Brown University Health is prepared for external audits
Maintains up-to-date technical knowledge by attending seminars, vendor presentations, and reading professional literature
Attend and actively contribute to problem-management and major-incident conference calls as required
Researches and assists in the piloting and evaluation of new tools, technologies, technical controls, and processes to support and enforce defined security policies
Monitor emerging threats, vulnerabilities, and industry best practices to ensure security controls remain effective and aligned with the evolving threat landscape
Provide expertise on security best practices across IT, infrastructure, and enterprise operations to support secure business strategies
Contributes to a knowledgebase comprising a technical reference library, security advisories and alerts, information on security trends and practices, and laws and regulations
Ensures audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements
Evaluates baseline security configurations for operating systems, applications, and networking and telecommunications equipment
Assists Brown University Health staff in the resolution of reported security incidents
Assist in ensuring compliance with relevant regulatory standards, including HIPAA, HITECH, PCI-DSS, NIST, and other applicable frameworks
Research and assess new threats and security alerts and recommends remedial actions
Identify opportunities for improving Security Operations practices, recommending updates to processes and controls. Stay current with emerging security risks, regulatory requirements, and best practices to ensure the ongoing effectiveness of the security program
Provides expert level guidance to IT staff and the business regarding all Information Security policies, standards, processes, and procedures
Works with various infrastructure teams and business units to ensure policy compliance and adherence to security best practices
Participates in security projects and provides expert guidance on security policy, process, and procedures for other IT projects, as required
Participates in compliance / audit activities as requested by internal and external auditors
Maintains work effort status within SLAs on Brown University Health’s Service Desk and Task Management Platforms
Identifies risks within the environment and performs risk register validations as required
Requires participation in a recurring on-call schedule that includes evenings and weekends
Performs other duties as assigned

Qualifications

CISSP, SIEM, Cloud Security, Phishing Detection, Python, Risk Management, Incident Response, Vulnerability Management, Communication Skills, Technical Documentation, Team Collaboration

Required

A minimum of 10 years of IS experience, with 5 years in an information security role
A bachelor's degree in information systems or equivalent work experience
Certifications Required (3 or more - CISSP, CCSP, OSCP, CISA, GIAC, CEH, Security+)
Strong understanding of authentication and authorization protocols (OAuth2, SAML, OpenID Connect)
Experience implementing and supporting phishing-resistant multi-factor authentication (e.g., FIDO2/WebAuthn, smart cards, or certificate-based authentication) to strengthen identity and access security
Experience implementing security controls via infrastructure-as-code (Terraform, Ansible, etc.)
Familiarity with SOAR platforms or automated incident response playbooks
Experience securing cloud environments (AWS, Azure, GCP) with knowledge of cloud-native security services
Experience with SIEM platforms (e.g., Splunk, Sentinel, QRadar) for monitoring, alerting, and correlation
Hands-on familiarity with EDR/XDR solutions (e.g., CrowdStrike, Defender for Endpoint)
Knowledge of vulnerability scanning and management tools (e.g., Nessus, Qualys, Rapid7)
Experience with cloud security posture management (CSPM) and cloud workload protection tools to identify misconfigurations, vulnerabilities, and risks across multi-cloud environments
Experience with APIs, including integrating with RESTful or GraphQL endpoints to securely pull and push data between systems
Proficiency in scripting and automation using Python, PowerShell, or Bash to support security operations, including tasks such as log parsing, API integration, incident response workflows, and orchestration of security tools
Strong understanding of regulatory requirements, security frameworks, and risk management methodologies (e.g., HIPAA, HITECH, NIST, ISO 27001)
Expert level in security best practices
Excellent written and verbal communication skills, with the ability to present complex security concepts to diverse audiences
Intermediate level with Wireshark and/or equivalent packet capture and analysis
Experience with patch management, device hardening, configuration auditing and other endpoint security best practices
Familiarity with the principles of cryptography and cryptanalysis
Experienced in the use of virtualization technologies
Experience designing and implementing secure landing zones in both Microsoft Azure and Amazon AWS
Understanding of Public Key Infrastructure
Knowledge of and experience in developing and documenting security architecture and plans, including strategic, tactical and project plans
Strong understanding of networking technologies from architecture best practices to packet analysis
In-depth knowledge of risk assessment methods and technologies
Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts
Excellent technical knowledge of mainstream operating systems [for example, Microsoft Windows and Linux] and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools
Proficiency in performing risk, business impact, control and vulnerability assessments
Working knowledge of IT/network and cloud architectures sufficient to map controls, evidence, and risks
Strong written and verbal communication skills
Ability to communicate security guidance to a non-technical audience

Preferred

M.B.A. or M.S. in information security

Company

Brown University Health

Brown University Health provides an integrated academic health system offering hospital services, outpatient care and clinical education.

H1B Sponsorship

Brown University Health has a track record of offering H1B sponsorships. Please note that this does not guarantee sponsorship for this specific role. Additional information is presented below for your reference. (Data Powered by US Department of Labor)
[Chart: Distribution of Different Job Fields Receiving Sponsorship; the legend marks the job field similar to this job]
Trends of Total Sponsorships
2025 (3)
2024 (2)
2022 (3)
2021 (1)

Funding

Current Stage: Late Stage
Company data provided by Crunchbase