Fulcrum are looking for a Security Analyst for a client in Dallas, TX. This role is hybrid on site in Dallas, TX 3 days a week with 2 remote.
Experience
- Information Security, Governance, Risk and Compliance, IT, or Business Analysis.
- Demonstrated experience in developing, communicating, and presenting Information Security and Risk Management concepts to both technical and non-technical audiences.
- Proven experience with a variety of security technologies, including Intrusion Prevention Systems (IPS), firewalls, endpoint protection, web/email filtering, Data Loss Prevention (DLP), digital rights management, encryption, Security Event and Incident Management (SEIM), and virtualization platforms.
Technical Skills and Security Tools
A strong candidate will have hands-on experience with:
- Configuring and managing IPS and firewall rules to identify and mitigate potential threats effectively.
- Implementing and managing endpoint protection solutions, along with web and email filtering tools, to secure data and mitigate phishing and malware risks.
- Data Loss Prevention (DLP) and encryption tools, ensuring secure data transmission and storage.
- SEIM tools, such as Splunk or Microsoft Sentinel, for centralized logging, monitoring, and threat detection. Familiarity with scripting (e.g., PowerShell, Python) for automation and report generation is a plus.
- Experience with virtualization platforms (e.g., VMware or Hyper-V) to support secure deployment and management of virtual environments.
- Incident response experience, including detection, containment, and recovery of security incidents, as well as threat hunting and forensics.
Risk and Compliance Expertise
Experience with risk assessments and compliance frameworks is critical. The ideal candidate will have a strong understanding of:
- Compliance standards and frameworks, such as NIST, ISO 27001, and HIPAA, to maintain compliance and uphold best practices in cybersecurity.
- Governance processes, including policy development, risk analysis, and security audits, to ensure alignment with organizational and regulatory requirements.
- Security awareness training development and delivery, along with creating policies for secure operations, incident response, and user education.
Healthcare Background
While not required, experience in the healthcare industry is preferred. Familiarity with the healthcare IT landscape, including specific security, privacy, and compliance needs (e.g., HIPAA regulations), is advantageous.
Communication and Collaboration
Strong communication skills are essential for interacting with cross-functional teams, non-technical stakeholders, and executive leadership. The candidate should demonstrate the ability to:
- Translate technical security concepts and risk management findings into actionable recommendations for both technical and business audiences.
- Collaborate with IT and business units to ensure security practices are integrated across operations.
- Provide training to staff on security best practices and awareness.
