Negotiable
Outside
Remote
USA
Summary: HCL Healthcare is looking for a Cybersecurity Analyst to safeguard healthcare IT systems and data by monitoring security events, conducting risk assessments, and ensuring compliance with federal security standards. The role requires hands-on experience in cybersecurity, with a focus on incident response and vulnerability management. The position is remote and emphasizes collaboration with IT teams to enhance security measures. U.S. citizenship is required due to federal contract obligations.
Key Responsibilities:
- Monitor SIEM tools, dashboards, and alerts for threats, anomalies, or suspicious activities.
- Perform triage, containment, eradication, and recovery as part of the incident response process.
- Conduct root cause analysis and provide documentation with recommendations for prevention.
- Conduct regular vulnerability scans and work with system/application owners to remediate findings.
- Participate in security risk assessments and risk management reviews.
- Ensure compliance with federal mandates and healthcare security frameworks (FISMA, NIST 800-53, FedRAMP, HIPAA, OMB).
- Prepare and maintain documentation for Authority to Operate (ATO), POA&Ms, and continuous monitoring reports.
- Support deployment, tuning, and optimization of security tools (SIEM, endpoint protection, IDS/IPS, vulnerability management, DLP).
- Recommend enhancements to security posture, processes, and automation.
- Assist in developing security awareness and training programs.
- Participate in tabletop exercises, security drills, and audits.
- Work closely with IT, applications, and network teams to embed security throughout system lifecycles.
Key Skills:
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
- 3+ years of hands-on experience in cybersecurity or information security roles.
- Strong background in security monitoring, incident response, and vulnerability management.
- Familiarity with NIST 800-53, RMF, CIS Controls, HIPAA, and federal compliance requirements (FISMA, FedRAMP).
- Excellent analytical, problem-solving, and documentation skills.
- U.S. Citizenship required (federal contract requirement).
- Industry certifications such as Security+, CEH, CySA+, CISSP (or in progress).
- Hands-on experience with SIEM platforms (Splunk, Microsoft Sentinel), endpoint security, and cloud security controls (AWS, Azure).
- Knowledge of scripting/automation (PowerShell, Python) for security analysis and reporting.
Salary (Rate): undetermined
City: undetermined
Country: USA
Working Arrangements: remote
IR35 Status: outside IR35
Seniority Level: undetermined
Industry: IT
Role: Cybersecurity Analyst
Location: Remote
Duration: Long Term
HCL Healthcare is seeking a skilled Cybersecurity Analyst to ensure the confidentiality, integrity, and availability of enterprise healthcare IT systems, applications, and data. This role involves monitoring, detecting, analyzing, and responding to security events, conducting vulnerability and risk assessments, implementing security controls, and supporting compliance with federal information security policies and healthcare data protection standards (FISMA, NIST 800-53, FedRAMP, HIPAA).
Key Responsibilities:
Security Monitoring & Incident Response
- Monitor SIEM tools, dashboards, and alerts for threats, anomalies, or suspicious activities.
- Perform triage, containment, eradication, and recovery as part of the incident response process.
- Conduct root cause analysis and provide documentation with recommendations for prevention.
Vulnerability & Risk Management
- Conduct regular vulnerability scans and work with system/application owners to remediate findings.
- Participate in security risk assessments and risk management reviews.
Compliance & Governance
- Ensure compliance with federal mandates and healthcare security frameworks (FISMA, NIST 800-53, FedRAMP, HIPAA, OMB).
- Prepare and maintain documentation for Authority to Operate (ATO), POA&Ms, and continuous monitoring reports.
Security Tools & Process Improvement
- Support deployment, tuning, and optimization of security tools (SIEM, endpoint protection, IDS/IPS, vulnerability management, DLP).
- Recommend enhancements to security posture, processes, and automation.
Awareness & Collaboration
- Assist in developing security awareness and training programs.
- Participate in tabletop exercises, security drills, and audits.
- Work closely with IT, applications, and network teams to embed security throughout system lifecycles.
Required Qualifications:
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or related field (or equivalent experience).
- 3+ years of hands-on experience in cybersecurity or information security roles.
- Strong background in security monitoring, incident response, and vulnerability management.
- Familiarity with NIST 800-53, RMF, CIS Controls, HIPAA, and federal compliance requirements (FISMA, FedRAMP).
- Excellent analytical, problem-solving, and documentation skills.
- U.S. Citizenship required (federal contract requirement).
Preferred Qualifications:
- Industry certifications such as Security+, CEH, CySA+, CISSP (or in progress).
- Hands-on experience with SIEM platforms (Splunk, Microsoft Sentinel), endpoint security, and cloud security controls (AWS, Azure).
- Knowledge of scripting/automation (PowerShell, Python) for security analysis and reporting.