At Pursuant Health, we are dedicated to providing effective health management tools that are free, easy, and accessible for everyone. Our innovative approach brings health screenings to one of the most frequented places in our communities: retail stores. With a network of over 4,600 health kiosks located in high-traffic retail pharmacies across the country, we empower individuals to check in on their health conveniently and regularly. Our kiosks are HIPAA-compliant and FDA-cleared Class II Medical Devices, offering free biometric screenings and clinically valid health assessments that help people understand their personal health risks and track their metrics over time.
We pride ourselves on our fast-paced, growth-oriented company culture. At Pursuant Health, every team member enjoys significant responsibility and autonomy, allowing you to make a real impact. If you thrive in a lean environment filled with exciting, cutting-edge solutions and are ready to roll up your sleeves, you’ll find a perfect fit with us!

QUALIFICATIONS:

• 5+ years of experience in information security or a related role
• Proven ability to work independently in a small-team or startup-like environment, taking ownership of projects from start to finish.
• Hands-on experience with security tools and technologies such as firewalls, intrusion detection/prevention systems, endpoint protection, and encryption.
• Experience working with AWS or other major Cloud Service Providers, with strong understanding of cloud security principles.
• Strong knowledge of vulnerability scanning tools and techniques
• Experience with incident response, threat management, and root-cause analysis.
• Proficiency in evaluating and remediating software vulnerabilities
• Excellent problem-solving and analytical skills
• Strong communication skills with the ability to work effectively across technical and non-technical teams.
• Experience interpreting and applying security frameworks such as NIST CSF, ISO 27001, HIPAA, or SOC 2
• Relevant certifications (e.g., CISSP, CEH, CISM) are preferred.

ROLE OVERVIEW:

We are seeking an Information Security Analyst who can operate as a self-starter, independently owning and driving security initiatives. You will be our go-to expert for all security matters, ensuring our systems, cloud environments, and medical devices remain secure, compliant, and resilient. This role is ideal for someone who thrives on autonomy, takes initiative, and can collaborate effectively with IT, engineering, and compliance teams to implement meaningful security improvements.

RESPONSIBILITIES:

• Develop and implement security policies, protocols, and procedures with minimal supervision.
• Proactively identify, prioritize, and address security gaps across infrastructure, applications, and processes.
• Lead and execute regular security assessments and vulnerability testing on applications and infrastructure systems.
• Continuously monitor networks and systems for security breaches, malware, data loss, and unauthorized access.
• Own the incident response process from detection through root-cause analysis, remediation, and post-incident review.
• Evaluate software vulnerabilities, recommend and implement mitigations, and coordinate remediation efforts with stakeholders.
• Partner with engineering, IT, and compliance to embed security best practices in product design, deployment, and operations.
• Manage audit readiness, evidence collection, and documentation to ensure compliance with frameworks such as HIPAA, SOC 2, and NIST CSF.
• Stay current with emerging threats, vulnerabilities, and security technologies, and proactively recommend new tools and practices.
• Prepare and deliver actionable security reports and recommendations to management.
• Provide guidance and training on cybersecurity best practices to team members and other staff.