Women’s Health Connecticut is seeking to hire a Full-time Senior Security Analyst!
Position: Senior Security Analyst
Location: Women’s Health Connecticut
Address: 175 Capital Blvd. Rocky Hill, CT 06067
Working arrangement: Hybrid
Employment Type: Full-time, 40 hours per week
Schedule: Monday to Friday, 8:00am to 5:00pm
Reports to: Chief Technology Officer
Position Summary: The Senior Security Analyst is a key member of the Women’s Health CT IT team. This position is responsible for developing, implementing, and maintaining IT security and IT compliance programs. This technical role covers strategy, operations, incident response, third-party oversight, and regulatory compliance. The analyst will work closely with service providers to enhance the organization’s security posture while aligning with business objectives. Responsibilities include reporting, leading training initiatives, and driving continuous IT improvement across the organization.
Essential duties and responsibilities:
- Security Strategy & Governance
– Develop and execute a multi-year security roadmap aligned with organizational goals.
– Advise leadership on emerging threats, risks, and industry trends.
– Define and maintain enterprise security policies, standards, and guidelines.
– Track, analyze, and present security metrics and KPIs to executives and the board.
– Evaluate and recommend strategic improvements to existing security controls.
- Compliance & Regulatory Oversight
– Ensure compliance with HIPAA, PCI DSS, and other applicable regulations.
– Lead internal audits and coordinate with external auditors during assessments.
– Document and track remediation activities to closure.
– Maintain evidence repositories for compliance validation and regulatory reporting.
– Ensure vendor agreements are current and that vendor practices comply with security and privacy obligations.
- Technical Operations & Third-Party Management
– Oversee the vulnerability management program, including scanning, prioritization, and remediation.
– Monitor security platforms (SIEM, EDR, etc.), investigate alerts, and maintain secure architecture for new systems and integrations.
– Define and monitor SLAs/KPIs for Managed Service Providers.
– Review Managed Service Provider deliverables such as vulnerability scans, patch management reports, and configuration baselines.
– Conduct quarterly Managed Service Provider performance reviews and drive service improvements.
- Incident Response & Security Operations
– Maintain and test incident response plans, playbooks, and escalation procedures.
– Lead investigations, including triage, containment, eradication, and recovery.
– Conduct root-cause analyses following incidents and ensure remediation is tracked.
– Support disaster recovery and business continuity exercises from a security perspective.
– Perform security reviews of new systems, applications, and integrations prior to deployment.
- Training, Awareness & Innovation
– Develop and deliver security awareness training tailored to different roles.
– Conduct phishing simulations and track user performance.
– Partner with IT and HR to integrate security into onboarding and annual compliance training.
– Track, measure, and report on the effectiveness of awareness programs.
– Refresh content regularly to address evolving threats and lessons learned from incidents.
- Leadership & Collaboration
– Act as a subject matter expert for internal teams and external partners.
– Work closely with leadership and service providers to ensure that security practices are embedded in systems, infrastructure, operations, and overall culture.
– Serve as a trusted advisor on security implications of business initiatives, technology changes, and operational improvements.
Skills/qualifications:
- Bachelor’s degree in Information Security, Computer Science, or related field, or equivalent experience.
- At least 5 years of IT security experience in a regulated industry, preferably healthcare.
- Hands-on expertise with SIEM, EDR, vulnerability management tools, firewalls, encryption, and secure configurations.
- Demonstrated experience with HIPAA compliance and audit preparation/remediation.
- Proven success managing third-party security service providers.
- Strong written and verbal communication skills; able to communicate risks to technical and non-technical audiences.
Preferred Certifications
- CISSP, CISM, or CISA
- HCISPP or other healthcare-specific security certification
- CompTIA Security+ or equivalent
Qualified candidates are encouraged to apply to learn more about all the position has to offer!
The job responsibilities provided are intended to be a summary of the job duties. In no instance should the duties, responsibilities, and requirements included in a job description be considered all-inclusive. The Company and authorized management personnel reserve the right to review, change, add, and/or delete duties, responsibilities, and requirements on a job description as necessary.