Cyber Security Analyst

Are you interested in harnessing technology and AI to transform healthcare?At XiFin, we believe a healthier, more efficient healthcare system starts with strong financial and operational foundations. Our innovative technologies help diagnostic providers, laboratories, and healthcare systems manage complexity, drive better outcomes, and stay focused on what matters most: patient care.We're on a mission to simplify the business side of healthcare—and we know that mission takes people from all backgrounds and experiences. Whether you're early in your career or bringing years of expertise, we welcome your perspective, your curiosity, and your passion. We value individuals who ask questions, challenge the status quo, and want to grow while making a real difference.About the RoleThe Cyber Security Analyst will analyze, evaluate, and tune SIEM events and alerts, threat hunting, automating investigation tasks, and conducting incident response when a security incident arises. Focus on identifying, researching, and performing offensive cyber security tactics and techniques to test and verify preventative and detective security controls.Work as a key member on project teams to ensure security by design principles are implemented in every IT and development effort, to ensure the effective and appropriate use of security technology solutions and processes that reduce risk and increase the security of the company and its data. Build relationships and partner across the organization and work with team members inside and outside of the department.How you will make an impact:Conducting incident response investigations from escalated incidents across Windows and Linux systems, and supporting all phases of the incident response process.Developing, documenting, and testing incident response playbooks and runbooks;Performing cybersecurity forensic analysis, including artifact collection, malware analysis, and timeline reconstruction;Assessing and prioritizing vulnerabilities based on risk factors and exploitability, coordinating remediation efforts, and investigating potential signs of compromise;Understanding and evaluating emerging threats on cyber security exploits, vulnerabilities, tactics, and techniques;Developing detection logic across SIEM environments using the ADS framework and mapping detections to MITRE ATT&ck;Analyzing and tuning SIEM alerts, operating system logs, and security events to improve detection capabilities;Participating in and conducting threat hunting and threat assessment in the context of information technology architecture;Utilizing offensive security tools, including Breach and Attack Simulation (BAS) solutions, to enhance detection capabilities and identify gaps in the organization's defenses;Designing, documenting, validating, and testing security hardening configurations in line with CIS Benchmarks and organizational standards;Conducting software risk assessments for desktop applications and browser extensions to identify potential security concerns and ensure compliance with organizational policies;Evaluating and testing enterprise security controls deployed in multiple IT infrastructure environments;Automating incident response tasks and other processes using scripting languages like PowerShell, Python, and Bash;What you will bring to the team:We're looking for someone with a growth mindset and a passion for consultative selling. You might be a great fit if you:Are highly analytical, organized, and proactive in solving challengesCommunicate clearly and confidently, translating technical concepts for diverse audiencesThrive in dynamic environments and adapt quickly to changing client needsBuild strong relationships and influence decision-makers at all levelsDemonstrate a commitment to continuous learning.Skills and experience you have:You don't need to check every box. We will consider a combination of education and experience, including:The position requires a proactive individual who independently seeks and consumes cyber security knowledge to improve the security posture of the program. The ideal candidate must think calmly yet quickly during stressful cyber security incidents, effectively communicating with peers and management and possess the ability to evaluate suggestions, assess risks, and implement innovative solutions while ensuring compliance with standards and regulations.The position requires a proactive individual who independently seeks and consumes cyber security knowledge to improve the security posture of the program. The ideal candidate must think calmly yet quickly during stressful cyber security incidents, effectively communicating with peers and management and possess the ability to evaluate suggestions, assess risks, and implement innovative solutions while ensuring compliance with standards and regulations.BS in Computer Science, Engineering or a closely related field and 5 years of related experience in Cyber Security Incident ResponseAbility to secure operating systems including Windows and Linux;Ability to produce detailed incident timelines and investigation reports;Practical experience in digital forensics as part of incident response efforts;Requires excellent verbal, written communication and ability to interact professionally within a corporate environment;Ability to manage multiple assignments and track through to completion;Pay TransparencyAt XiFin, we believe in pay transparency and fairness. The expected annual salary for this role is $139,485, based on your experience, skills, and geographic location.Depending on your qualifications, final compensation will be determined during the selection process and may vary accordingly.Accessibility & AccommodationsWe're committed to providing an inclusive and accessible experience for all applicants. If you need a reasonable accommodation during the application process, please contact us at Equal Opportunity EmployerXiFin is proud to be an equal opportunity employer. We value diverse voices and do not discriminate on the basis of race, color, religion, national origin, gender, gender identity, sexual orientation, disability, age, veteran status or any other basis protected by law.Ready to apply?We'd love to hear from you—even if you're not sure you meet every qualification. If you're excited about the role and believe you can contribute to our team, please apply. Let's build something meaningful together.