ABOUT OUR COMPANY

We’re a physician-led, patient-centric network committed to simplifying health care and bringing a more connected kind of care.
Our primary, multispecialty, and urgent care providers serve millions of patients in traditional practices, patients’ homes and virtually through VillageMD and our operating companies Village Medical, Village Medical at Home, Summit Health, CityMD, and Starling Physicians.
When you join our team, you become part of a compassionate community of people who work hard every day to make health care better for all. We are innovating value-based care and leveraging integrated applications, population insights and staffing expertise to ensure all patients have access to high-quality, connected care services that provide better outcomes at a reduced total cost of care.
Please Note: We will only contact candidates regarding your applications from one of the following domains: @summithealth.com, @citymd.net, @villagemd.com, @villagemedical.com, @westmedgroup.com, @starlingphysicians.com, or @bmctotalcare.com.

JOB DESCRIPTION

As a Security Operations Analyst, you will be the frontline defender of our infrastructure, ensuring our defenses remain strong against a wide array of cyber threats. You will monitor, analyze, and respond to security alerts across multiple platforms, conduct thorough investigations, and collaborate with IT and Security teams to develop and implement proactive security measures. If you’re an expert in security operations and incident response, we want you to join us and contribute to our mission of safeguarding our digital ecosystem.

REQUIREMENTS

• Proven Experience: 2-3 years of experience in security operations, incident response, or security engineering.
• Incident Response Expertise: Good understanding of incident response and experience handling multi-faceted attacks across diverse IT environments.
• Scripting Proficiency: Hands-on experience with scripting languages like Python, PowerShell, or Bash to automate tasks and enhance security operations.
• Tool Expertise: Working knowledge and proficiency with EDR, SIEM platforms, and email security tools such as CrowdStrike, Exabeam, Mimecast, Azure/M365, and AWS.
• Critical Thinking & Problem Solving: Demonstrated ability to identify issues, think critically, and resolve problems efficiently with keen attention to detail.

PREFERRED QUALIFICATIONS (NICE TO HAVE)

• Certifications: One or more certifications such as SSCP, Security +, CySA+, Microsoft SC-200, MS-500, GSEC, GCIH, and/or CEH
• Networking Knowledge: Familiarity with networking concepts and protocols (TCP/IP, DNS, DHCP, VPN, etc.).
• Cloud Security: Hands-on experience with cloud security, particularly in environments like Microsoft Azure or AWS.
  Digital Forensics: Experience in digital forensics, including evidence collection
  This is an exempt position. The salary range for this role is $77,300 - $96,600

SAFETY DISCLAIMER

Our Company cares about the safety of our employees and applicants. Our Company does not use chat rooms for job searches or communications. Our Company will never request personal information via informal chat platforms or unsecure email. Our Company will never ask for money or an exchange of money, banking or other personal information prior to the in-person interview. Be aware of potential scams while job seeking. Interviews are conducted at select Our Company locations during regular business hours only. For information on job scams, visit, https://www.consumer.ftc.gov/JobScams or file a complaint at https://www.ftccomplaintassistant.gov/

• Threat Monitoring & Detection: Utilize SIEM, EDR, and other security tools to monitor, detect, and analyze potential threats and security gaps across our digital assets.
• Incident Response: Investigate complex security incidents and collaborate with cross-functional teams in an organized and timely response to mitigate risks.
• Data Loss Prevention (DLP): Investigate DLP alerts, enforce data protection policies, and reduce insider threats through proactive monitoring and intervention.
• Collaboration & Risk Mitigation: Work closely with Governance, Risk & Compliance (GRC), Identity & Access Management (IAM), and IT teams to enforce security controls, improve incident detection, and reduce organizational risks.
• Playbook Development & Automation: Design, refine, and automate incident response playbooks, focusing on continuous improvement to optimize efficiency and minimize response time.
• Reporting & Analysis: Report on the effectiveness, maturity, and resilience of our security tools, providing actionable intelligence to stakeholders.
• Root Cause Analysis & Remediation: Perform thorough root cause analyses for incidents and vulnerabilities, identifying opportunities to strengthen future defenses.