JOB DESCRIPTION

Job Title: Information Security Analyst
Department: IT
Reports to: Information Security Manager
Date: 2025

QUALIFICATIONS

• Bachelor’s degree in computer science or related field. An MSc in Cyber Security is an advantage.
• Security Engineering certifications preferred - Security+, Network+, GCIA, GCFA, GMON, GNFA, SSCP, OSCP, ISA/IEC 62443, etc.
• Experience and strong understanding of frontline security operations (SOC / Incident response activities) working with - SIEM, NetFlow, IDS/IPS, Anti-Virus, Malware, etc.
• Understanding of various threat hunting techniques (Structured or unstructured, custom or intel-based hunting, etc.), tools (SIEM or EDR), models and frameworks (MITRE pre-attack and attack frameworks)
• Understanding of modern security attack techniques and how best to detect them
• Knowledge and/or experience with modern security automation technologies for threat hunting
• Competent in scripting languages for automation (Ideally with Python or KQL, C, C++, Java, PowerShell, Bash, etc.)
• Understanding of the underlying protocols such as HTTP, HTTPS, SMTP, and SQL.

EXPERIENCE

• At least five years’ experience in a cyber security support role, preferably in Healthcare or critical infrastructure.
• Experience and strong understanding of frontline security operations (SOC / Incident response activities) working with - SIEM, NetFlow, IDS/IPS, EDR, XDR, Malware, etc.
• Solid understanding of networking concepts (TCP/IP, routing, switching, firewalls, VPNs, packet capture and analysis).
• Working knowledge of Windows Server administration (Active Directory, DNS, DHCP, Group Policy, Windows Event Logs).
• Basic knowledge of Linux server administration and CLI troubleshooting (processes, logs, networking commands, services).
• Good background in Exchange and Office 365 administration and management.
• Experience in analysing customer solutions, planning and implementing Security.
• Experience with threat intelligence platforms, threat modelling and threat hunting techniques.
• Familiarity with GDPR, NIST CSF 2.0, ISO/IEC 27001 and NIS2 Directive
• Experience working with IAM and managing cloud identity services.
• Familiarity with network and web protocols (TCP/IP, UDP, IPSEC, HTTP, HTTPS, etc.)
• Proven track record in managing security incidents and implementing mitigation strategies.
• Experience in web application security is highly desirable. This includes knowledge of common vulnerabilities (e.g., OWASP Top 10), secure coding practices, and the ability to assess, test, and remediate web-based threats.

JOB SPECIFIC COMPETENCIES AND KNOWLEDGE

• Executing project plans, working closely with IT to understand and manage project expectations.
• Project experience involving technical consulting, solution design, project envisioning, planning, development and deployment.
• Provide accurate information at an appropriate level of complexity to staff in order to facilitate understanding and effective use by network/systems users.
• Provide a high standard of customer service and follow through on staff inquiries and questions from commencement to resolution in a timely and professional manner.
• Plan and manage their work in a complex, changing environment in order to meet set objectives and deadlines.
• Contribute to the success of the team by developing and utilising effective lines of communication with other members and providing support to others as needed to ensure cohesion and consistency in approach.
• Provide advice (knowledge transfer) to the customer and partners. These will include support groups in the Automation, Local and Enterprise Applications & Infrastructure space, as well as vendors and consultants from an external perspective who support many of the systems.
• Prepare documentation and training to support staff and related processes.
• Ability to support a 24x7x365 operation, including participation in monthly maintenance patching and updating activities.
• Additionally, this position provides On-Call IT support on a rotational basis.

OVERALL PURPOSE OF JOB

The Information Security Analyst is responsible for safeguarding the hospital’s information systems and sensitive data against internal and external threats. The role involves proactive monitoring, threat detection, risk assessment, incident response, and implementation of security best practices to ensure compliance with healthcare regulations and data protection laws (including GDPR and NIS2 guidelines).
The position provides rapid response to alerts by following detailed policies, procedures, and standards to ensure protection of the hospital’s information assets.
This individual collaborates with all parties necessary to defend against information security incidents, as well as identifying, analysing, communicating, and escalating these incidents when they do occur. The role requires an understanding of security policy and best practice as well as a deep technical knowledge of security infrastructure & technologies, and new and emerging threats. The role also requires technical knowledge of all areas of ICT, such as networking, server infrastructure, security technologies, application security, and endpoint protection solutions.

KEY RESPONSIBILITIES AND DELIVERABLES

• Assist in the implementation and continuous improvement of the hospital’s cybersecurity framework.
• Monitor security alerts and logs to detect, investigate, and respond to threats and vulnerabilities.
• Conduct risk assessments, penetration testing, and vulnerability scans to identify and mitigate security gaps.
• Manage incident response activities, including root cause analysis, reporting, and recovery.
• Maintain and update cybersecurity policies, procedures, and documentation in line with evolving threats and regulatory requirements.
• Provide guidance and support to IT staff and end users on best practices for cyber hygiene.
• Collaborate with clinical and administrative teams to ensure secure deployment of healthcare systems (e.g., EHR/EMR platforms).
• Evaluate, implement, and manage security tools such as SIEM, EDR, firewalls, antivirus, and encryption technologies.
• Ensure compliance with relevant healthcare data protection standards and legal obligations like NIS2.
• Liaise with external auditors, vendors, and regulators as necessary.
• Conduct regular training and awareness campaigns across hospital departments.
• Assess, test, and support the secure development and deployment of web applications, ensuring protection against common vulnerabilities (e.g., OWASP Top 10) through secure coding practices and regular security reviews.