See your work in a new light.
At LUX Infusion, we're reimagining infusion care as something more human, more supportive, and more connected. We lead with compassion and clarity - helping patients feel confident in moments that matter, while giving providers and partners the trust and insight they need to deliver better outcomes.
We're looking for a Senior Security Analyst who wants their work to mean something - someone who brings care, accountability, and purpose to what they do every day.
Full-time- Remote Opportunity
Why This Role Matters
Job Summary
The Senior Security Analyst (Healthcare) is responsible for protecting the organization's information
systems, data, and technology assets with a primary focus on safeguarding Protected Health
Information (PHI) and ensuring compliance with healthcare regulatory requirements. This role plays a
critical part in designing, implementing, monitoring, and improving the organization's cybersecurity
posture in alignment with HIPAA, HITECH, and other applicable standards.
This position serves as a senior technical and operational resource within the security function, leading
security monitoring, incident response, risk assessments, vulnerability management, and compliance
initiatives. The Senior Security Analyst works closely with IT, infrastructure, application teams,
compliance, and external partners to identify risks, respond to threats, and maintain a strong security
posture across a multi-site healthcare environment.
What You'll Do
Responsibilities include:
Security Operations and Monitoring
Monitor and analyze security events and alerts across networks, endpoints, cloud platforms,
and applications.
Investigate suspicious activity and lead incident response efforts, including triage, containment,
eradication, and recovery.
Serve as an escalation point for complex security incidents and coordinate cross-functional
response efforts.
Maintain and tune SIEM, EDR, and other security tools to improve detection and reduce false
positives.
Conduct root cause analysis and document incidents, actions taken, and lessons learned.
Healthcare Security and Compliance
Ensure compliance with HIPAA, HITECH, and other healthcare regulatory and privacy
requirements.
Participate in security risk assessments, gap analyses, and audits (internal and external),
including support for third-party assessments.
Develop and maintain security policies, standards, and procedures aligned with regulatory
expectations.
Monitor controls related to PHI protection, data access, and breach prevention.
Support audit readiness and remediation activities for compliance findings.
Vulnerability and Risk Management
Conduct regular vulnerability scans and coordinate remediation efforts across infrastructure and application teams.
Prioritize risks based on business impact, exploitability, and regulatory exposure.
Track and report on vulnerability remediation status and risk reduction efforts.
Perform risk assessments on new systems, vendors, and technology implementations.
Contribute to third-party risk management and vendor security reviews.
Security Engineering and Architecture Support
Collaborate with infrastructure and application teams to implement secure configurations and controls.
Evaluate and recommend security solutions, tools, and technologies to enhance protection capabilities.
Support secure design reviews for new applications, systems, and integrations.
Validate implementation of security controls across networks, endpoints, and cloud environments.
Identity and Access Management (IAM)
Review and monitor user access to systems containing PHI and sensitive data.
Support access governance processes, including provisioning, deprovisioning, and periodic access reviews.
Investigate access anomalies and enforce least-privilege principles.
Training, Awareness, and Continuous Improvement
Support security awareness and training initiatives with a focus on healthcare threats (e.g., phishing, ransomware).
Provide guidance to IT and business teams on security best practices and risk mitigation.
Identify opportunities to improve security processes, tooling, and response capabilities.
Mentor junior analysts and contribute to the development of the security team.
Familiarity with:
HIPAA Security Rule and Privacy Rule
NIST Cybersecurity Framework (CSF) and/or NIST 800-53
HITRUST CSF (preferred in healthcare environments)
Knowledge of identity and access management practices.
Understanding of secure system and application design principles.
Skills and Competencies
Strong analytical and problem-solving skills with the ability to assess complex security threats.
Ability to lead incident response efforts under pressure and with urgency.
Excellent written and verbal communication skills, including documentation and reporting.
Strong attention to detail and ability to manage multiple priorities.
Ability to work cross-functionally with IT, compliance, legal, and business stakeholders.
High level of integrity and commitment to protecting sensitive data.
KEY SUCCESS MEASURES
Effective detection and response to security incidents
Reduction in vulnerabilities and security risk exposure
Successful audit outcomes and regulatory compliance adherence
Protection of PHI with minimal security-related disruptions
Improved security posture through proactive controls and monitoring
Strong collaboration and stakeholder confidence in security operations
PHYSICAL DEMANDS AND WORK ENVIRONMENT
Effective detection and response to security incidents
Reduction in vulnerabilities and security risk exposure
Successful audit outcomes and regulatory compliance adherence
Protection of PHI with minimal security-related disruptions
Improved security posture through proactive controls and monitoring
Strong collaboration and stakeholder confidence in security operations
This position requires constant sitting with occasional walking, standing, kneeling or stooping.
This position requires the use of hands to finger, handle or feel objects and the ability to reach
with hands and arms.
This position requires constant talking and hearing.
Specific vision abilities required by this job include close vision and the ability to adjust focus.
This position must occasionally lift and/or move up to 25 pounds
Required to move/lift physical hardware
What We're Looking For
You may be a great fit if you bring:
Education and Experience
Bachelor's degree in Cybersecurity, Information Technology, or a related field preferred;
equivalent experience considered.
5+ years of experience in cybersecurity, information security, or related roles.
2+ years of experience in healthcare IT, security, or regulated environments required.
Demonstrated experience with incident response, threat detection, and vulnerability
management.
Experience supporting audits and compliance frameworks in regulated industries.
Technical Knowledge
Strong understanding of:
Security operations (SIEM, EDR, log analysis)
Network security (firewalls, IDS/IPS, segmentation)
Endpoint security and device hardening
Cloud security principles (Azure, AWS, or similar)
Vulnerability scanning and remediation tools
Familiarity with:
HIPAA Security Rule and Privacy Rule
NIST Cybersecurity Framework (CSF) and/or NIST 800-53 o HITRUST CSF (preferred in healthcare environments)
Knowledge of identity and access management practices.
Understanding of secure system and application design principles.
QUALIFICATIONS PREFERRED
Industry certifications such as:
CISSP, CISM, or CISA (strongly preferred) CEH, Security+, or GIAC certifications (nice to have)
Experience with healthcare systems such as EHR/EMR platforms (e.g., Epic, Cerner).
Experience in ransomware preparedness and response within healthcare environments.
Familiarity with Microsoft security stack (Defender, Sentinel, Entra ID) or comparable platforms.
Experience supporting HITRUST certification or attestation
Why LUX Infusion
At LUX Infusion, we believe infusion care deserves more light - more warmth, more clarity, and more connection.
Here, you'll find:
- Purposeโdriven work with real impact
- A patientโfirst, clinicianโled culture
- Supportive, collaborative teammates
- The opportunity to grow with a company building something meaningful
Come help us elevate infusion care - and see what's possible when care comes first.