About Streamline Healthcare Solutions:

Here at Streamline, we strive on building lasting and trusting relationships with our clients, and our employees set the bar.

Our mission is to build innovative technology solutions that empower people who improve behavioral health and quality of life of those in need. We are a high growth technology company that delivers web-based software for healthcare organizations to provide and coordinate all service delivery processes. Streamline has been offering software in the behavioral health marketplace since 2003. Streamline has built and maintains systems for some of the nation’s premier behavioral health organizations using the latest web-based technology.

Streamline offers competitive compensation and benefits packages as well as a challenging, yet flexible, work environment that is conducive to collaboration and productivity. A career with Streamline Healthcare Solutions provides opportunities for growth and continued learning in a workplace where individual contribution is valued and recognized. Join us, and advance your career today with a company that is on the cutting edge of the behavioral healthcare technology industry.

Job Summary for the Security Analyst

The Security Analyst is a hands-on role that will lead the monitoring and maintenance of Streamline’s security perimeter, and make recommendations for security improvements. The Security Analyst will coordinate with vendors, customers, and Streamline staff to ensure company documentation (procedures, processes, contractual language, best practices, configuration specifications) is in place and kept up-to-date.

The Security Analyst will lead efforts ensuring compliance with HIPAA, NIST (and other security frameworks), FISMA, FedRAMP, and other regulations and best practices. The Security Analyst will assist, consult, train and mentor other NOC team members and Support Team staff, and provide direct technical guidance with tasks as necessary. Other responsibilities include facilitating customer meetings and periodically facilitating security training sessions for staff and customers.

Responsibilities for the Security Analyst

• Track and resolve identified security issues as identified in penetration tests, security audits, Streamline’s security risk assessment program, Azure Tools, and other security tools

• Ensure compliance with Streamline’s Disaster Recovery and Business Continuity plans, including periodic testing and desktop exercises

• Work with internal and external parties in support of IT compliance-related documentation requests, corrective actions, and incident response reporting

• Identify areas of non-compliance and make recommendations for achieving compliance

• Routinely perform internal and external risk analysis, security audits, vulnerability assessment, and penetration testing

• Monitor traffic and regularly review various logs from routers, UTMs, firewalls, intrusion prevention systems. Configure and monitor SIEM logs and events and work with designated Managed Detection and Response vendors.

• Monitor the organization’s networks and systems for security breaches or intrusions; develop and/or activate contingency planning in the event of a security breach

• Monitor, assess, and report compliance with internal controls including segregation of duties, authorizations, access control, and general IT controls related to the confidentiality, integrity, and availability of customer data

• Develop and implement security policies

• Secure network, hardware, desktops, laptops, mobile devices and all company data

• Coordinate data destruction and secure disposal of hardware

• Actively work to reduce risk levels of data loss from malware, antivirus and ransomware

• Evaluate the design and effectiveness of IT controls based upon industry best-practice models (e,g. ITIL, FISMA, NIST, etc.)

• Participate in the monthly server maintenance schedule.

Qualifications of the Security Analyst

• Bachelor's degree in Business Administration, Information Systems Management, or other relevant fields; or

  • 6+ years of related experience and/or training; or equivalent combination of education and experience; or

  • 5+ years of experience in support services or technology management

• 5+ years of experience directly related to information security, including experience with FISMA, HIPAA and/or NIST 800-53

• Experience using security tools such as NMAP, Qualys, and SIEMs

• Information Security experience with Azure Cloud (or other cloud provider)

• Have a good understanding of general networking concepts and protocols

• Excellent written and oral communication skills

• Strong critical thinking, analytical thinking, and problem-solving abilities

Preferred Qualifications of the Security Analyst

• SSCP (Systems Security Certified Practitioner), CISSP (Certified Information Systems Security Professional) or CEH (Certified Ethical Hacker) certification is preferred