Information Security Analyst, Associate

About Health Catalyst:

The healthcare industry is the next great frontier of opportunity for software development, and this is your opportunity to be a part of this. Health Catalyst is one of the most dynamic and influential companies in this space. We are working on solving the national level healthcare problems and this is your chance to improve the lives of millions of people including your family and friends. Health Catalyst is a fast-growing company that values smart, hardworking and humble individuals. Each product team is a small, mission-critical team focused on developing innovative tools to support Catalyst's mission to improve the performance, cost, quality and outcomes in healthcare.

Role Overview:

The Information Security Analyst - Associate will support the organization's security initiatives by executing audit, compliance, and infrastructure protection activities. This role will work as part of the AppSec team and cross-functional teams to ensure that security operations, monitoring, and risk management practices are consistently maintained and improved.

Responsibilities:

Support as part of the AppSec team in coordinating security and compliance projects and executing audit-related deliverables.

Perform security assessments, vulnerability scans, and monitoring activities as per defined procedures.

Assist in documenting & implementing policies, procedures, standards, and guidelines related to security and compliance.

Participate in security awareness and training programs for employees.

Monitor logs, alerts, and reports to identify and escalate potential security incidents.

Research and evaluate new security tools, applications, and services for adoption, maintaining feature comparison matrices when required.

Assist in implementing and maintaining endpoint and workstation security configurations.

Support penetration testing and vulnerability analysis activities for applications, services, and infrastructure.

Provide operational support for key security tools and platforms including Active Directory, Office 365, SIEM, IPS, DLP, and email protection systems.

Participate in compliance audits and control reviews against industry standards such as HITRUST, SOC 2, or ISO 27001.

Maintain records of IT security incidents, ensuring timely reporting and resolution.

Troubleshoot and resolve technical and application security issues.

Collaborate closely with developers and IT teams during design and deployment phases to ensure security integration.

Perform additional tasks or projects as directed by the Information Security Manager.

Qualifications and Skills:

Bachelor's degree in computer science, Information Security, or a related discipline.

Understanding of information security frameworks and industry best practices.

Strong analytical and critical thinking skills.

Excellent communication and collaboration abilities.

Working knowledge of scripting or programming languages such as Python, Java, or C++.

Familiarity with Active Directory, MDM, and endpoint protection technologies.

Knowledge of cloud security principles for AWS, Azure, GCP or similar environments.

Understanding of penetration testing, vulnerability management, and secure application design.

Experience with security tools such as firewalls, IDS/IPS, SIEM, and EDR.

Awareness of regulatory and compliance standards (ISO 27001, HITRUST, SOC 2, HIPAA).

Willingness to continuously learn and grow within evolving security and cloud environments.

Preferred to have certifications like CompTIA Security+, Certified in Cybersecurity (CC) by (ISC), CEH.

Work Timings:

The incumbent will be expected to follow standard working hours aligned with Indian Standard Time (IST). In addition, the candidate should demonstrate flexibility to be available during the extended work window of 2:00 PM to 11:00 PM IST, as and when required, to facilitate critical business collaboration and operational overlap with United States time zones. Such requirements will be communicated in advance and are anticipated to occur on an as needed basis, rather than as a part of the regular daily schedule. The candidate is expected to exhibit professionalism and adaptability in supporting business needs beyond standard working hours when necessary.

Equal Employment Opportunity has been, and will continue to be, a fundamental principle at Health Catalyst, where employment is based upon personal capabilities and qualification without discrimination or harassment on the basis of race, color, national origin, religion, sex, sexual orientation, gender identity, age, disability, citizenship status, marital status, creed, genetic predisposition or carrier status, sexual orientation or any other characteristic protected by law.. Health Catalyst is committed to a work environment where all individuals are treated with respect and dignity.