Role Overview
As an Information Security Analyst, you will play a central role in shaping and maintaining the organization’s security posture. You’ll develop and manage security policies and standards that align with HIPAA and SOC II compliance requirements, ensuring documentation is accurate, up to date, and audit-ready. You will serve as the main point of contact during security audits, risk assessments, and penetration testing cycles, coordinating responses and follow-up actions.
Key Responsibilities
- Develop, implement, and maintain security policies, standards, and procedures in line with regulatory frameworks including HIPAA, SOC II, and NIST
- Lead coordination of SOC II audits, security risk assessments, and third-party penetration tests
- Manage customer-facing security questionnaires and documentation submissions
- Collaborate with technology and operations teams to support secure network and system configurations
- Educate teams across the organization on security protocols and risk mitigation strategies
- Work closely with leadership to refine security practices and address emerging threats
- Stay current with evolving security technologies, compliance standards, and vendor-specific security methodologies
Qualifications
- Bachelor’s degree in Computer Science or a related field, or equivalent professional experience
- Minimum of four years of experience in IT or application security
- Proven experience with HIPAA, SOC II, and NIST compliance controls
- Familiarity with anti-virus systems, intrusion detection, firewalls, and content filtering technologies
- Experience using risk assessment tools and methodologies
- Background in designing secure network and application architectures
- Knowledge of disaster recovery planning and computer forensics
- Strong communication skills, with the ability to explain technical security issues to both technical and non-technical audiences
- Experience interpreting results from malware detection and code analysis tools
Preferred Qualifications
- Industry certifications such as CEH, CISM, CISSP, or GSEC are highly valued
Technical Environment
Tools and frameworks include anti-virus and intrusion detection systems, firewalls, content filtering platforms, risk assessment software, disaster recovery solutions, forensic analysis tools, and compliance frameworks such as HIPAA, SOC II, and NIST.
Work Model
This is a hybrid role with options for remote work. Candidates located in eligible states may work remotely full-time. Others will be expected to work from the Greater Atlanta Metro area periodically. Flexibility is available based on experience and performance.
Benefits
- Comprehensive medical, dental, and vision insurance
- Company-paid life and disability coverage
- Health Savings Account (HSA) with employer contributions
- Employee Assistance Program (EAP)
- 401(k) plan with company matching
- Unlimited paid time off
- 10 paid holidays annually
- Paid parental leave
- Flexible work arrangements
Compensation
Salary range is $75,000 to $120,000, commensurate with experience. No equity or additional compensation components are included.
Our Culture
We value purposeful work, clear communication, and personal accountability. Team members are encouraged to collaborate across functions and drive continuous improvement. Automation is embraced to eliminate repetitive tasks and increase efficiency. We are committed to fostering a diverse, inclusive workplace where all voices are heard.
Equal Opportunity Employer
We are an equal opportunity employer dedicated to building a workforce that reflects the diversity of the communities we serve. Candidates requiring accommodations during the hiring process are encouraged to reach out for support.
