Cybersecurity Analyst

City/State
Norfolk, VA

Work Shift
First (Days)

Overview:

Sentara is hiring for a Cybersecurity Analyst!

This position is fully remote!

Overview

Responsible for day-to-day support and optimization of software applications, including builds, upgrades, and system enhancements. Analyzes business / clinical needs, evaluate software releases and/or new products, and gives recommendations to optimize processes and decrease expenses. Possesses in-depth business / clinical and application knowledge and experience. Performs and documents workflow assessments to determine functional requirements for optimal utilization of applications. Develops system test plans and performs testing of software upgrades and patches. Maintains a record of test progress and test results. Responsible for problem, incident, and change management and service requests. Provides daily on-call support to the customer base for application-related issues. Works within a cross-functional team and with end-users to achieve application integration to meet business / clinical needs. Responsible for the communication of software issues, requirements, upgrades, and enhancements. Oversees smaller-sized projects or components of projects. Coordinates implementation or project planning around software application releases. Possesses a key certification(s) or other credential(s) which is determined central to the systems or applications supported.

An Experienced Professional applies practical knowledge of job areas typically obtained through advanced education and work experience.

Responsibilities typically include:

• Works independently with general supervision.

• Problems faced are difficult but typically not complex.

• May influence others within the job area through explanation of facts, policies, and practices.

Position Summary:
Our Cybersecurity Analyst role specializes in Security Orchestration Automation & Response (SOAR), Incident Response, Endpoint Detection & Response (EDR), and Security Information and Event Management (SIEM). In this critical role, you will help protect sensitive patient and organizational data by proactively detecting, analyzing, and responding to cybersecurity threats, leading the development and implementation of a customized SOAR solution to automate and streamline security operations, while ensuring compliance with HIPAA and healthcare regulations. This position requires participation in a 24/7 on-call rotation to respond promptly to security incidents.

Key Responsibilities:

• Design, develop, and maintain a customized SOAR solution that automates incident detection, analysis, triage, containment, and reporting.
• Collaborate with stakeholders to identify repetitive security tasks suitable for SOAR automation, improving efficiency and consistency in security operations.
• Integrate SOAR workflows with existing EDR, SIEM, and other critical platforms to enhance visibility and rapid response capabilities.
• Continuously tune SOAR playbooks to adapt to emerging threats, regulatory changes, or improvements in threat intelligence.
• Monitor all platforms for security incidents, leveraging SOAR for rapid, orchestrated response.
• Lead and support incident response efforts-from identification and analysis to containment, eradication, and recovery-with a focus on safeguarding Protected Health Information (PHI) and ensuring minimal impact to patient care.
• Analyze logs, forensic data, and network traffic across a complex healthcare IT environment.
• Develop and tune SIEM correlation rules, alerts, and integrated SOAR workflows to detect and respond to threats.
• Serve as part of a 24/7 on-call rotation, responding rapidly to incidents and escalations as they arise, including after-hours and weekends.
• Ensure incident handling and SOAR-driven automation align with HIPAA and all relevant regulations; participate in incident debriefs and continuous improvement initiatives.
• Collaborate with clinical, IT, compliance, and third-party vendors to assess risk and remediate vulnerabilities across critical systems and devices.
• Document incident response and SOAR automation actions in detail, maintaining records for legal, compliance, and audit purposes.
• Participate in healthcare-specific threat hunting, vulnerability assessments, and security exercises to strengthen organizational resilience.
• Maintain current knowledge of emerging cyber threats, SOAR technologies, vulnerabilities, and regulatory changes that could impact healthcare operations.

Required Skills and Qualifications:

• Bachelor's degree in Cybersecurity, Computer Science, IT, or a related field; or equivalent experience.
• 3+ years of experience in a SOC, incident response, health IT cybersecurity, or SOAR engineering role.
• Excellent proficiency in Python
• Proven experience with SOAR implementation, EDR tools, and SIEM solutions, with preference for healthcare environments.
• Familiarity with HIPAA and healthcare risk management practices.
• Strong communication, teamwork, and documentation skills; able to communicate effectively with technical and clinical stakeholders.
• Availability to participate in a 24/7 on-call rotation and respond to security incidents outside of standard business hours.
• Relevant certifications (CISSP, CEH) are preferred.

Minimum Education Qualifications

• 3 years of relevant experience with a degree (Required)
  

or

• 5+ years of relevant experience without a degree (Required)
  
• Experience in lieu of a Bachelor's Degree
  

Certification/Licensure

• Relevant certifications (CISSP, CEH) are preferred.
  

Minimum Experience Qualifications

• 3 to 5+ years of relevant experience
  

We provide market-competitive compensation packages, inclusive of base pay, incentives, and benefits. The base pay rate for Full Time employment is: $80,204.80 - $133,681.60. Additional compensation may be available for this role such as shift differentials, standby/on-call, overtime, premiums, extra shift incentives, or bonus opportunities.

Talroo-IT, #LI-DS1, #Indeed, #Dice, #Monster

Keywords: Incident response (SOC), end point detection (EDR), cybersecurity analyst, SIEM, CISSP, CEH, SOAR, Python, healthcare

Benefits: Caring For Your Family and Your Career

• Medical, Dental, Vision plans

• Adoption, Fertility and Surrogacy Reimbursement up to $10,000

• Paid Time Off and Sick Leave

• Paid Parental & Family Caregiver Leave

• Emergency Backup Care

• Long-Term, Short-Term Disability, and Critical Illness plans

• Life Insurance

• 401k/403B with Employer Match

• Tuition Assistance - $5,250/year and discounted educational opportunities through Guild Education

• Student Debt Pay Down - $10,000

• Reimbursement for certifications and free access to complete CEUs and professional development

•Pet Insurance
•Legal Resources Plan
•Colleagues have the opportunity to earn an annual discretionary bonus ifestablished system and employee eligibility criteria is met.

Sentara Health is an equal opportunity employer and prides itself on the diversity and inclusiveness of its close to an almost 30,000-member workforce. Diversity, inclusion, and belonging is a guiding principle of the organization to ensure its workforce reflects the communities it serves.

In support of our mission “to improve health every day,” this is a tobacco-free environment.

For positions that are available as remote work, Sentara Health employs associates in the following states:

Alabama, Delaware, Florida, Georgia, Idaho, Indiana, Kansas, Louisiana, Maine, Maryland, Minnesota, Nebraska, Nevada, New Hampshire, North Carolina, North Dakota, Ohio, Oklahoma, Pennsylvania, South Carolina, South Dakota, Tennessee, Texas, Utah, Virginia, Washington, West Virginia, Wisconsin, and Wyoming.