Information Security Analyst

Company Overview: 

Public Health Solutions (PHS) is a 501(c)3 non-profit community-based organization (CBO) that has existed for 70 years to improve health equity and address health-related social needs (HRSN) for historically underserved marginalized communities. As the largest public health nonprofit serving New York City, we improve health outcomes and help communities thrive by providing services directly to vulnerable families, supporting community-based organizations through our long-standing public-private partnerships, and bridging the gap between healthcare and community services. We focus on a wide range of public health issues including food and nutrition, health insurance, maternal and child health, sexual and reproductive health, tobacco control, and HIV/AIDS. Learn more about our work at healthsolutions.org.    

PHS administers WholeYouNYC (WYNYC), a coordinated community resource network that builds trustworthy and reliable pathways between healthcare providers, health plans and CBOs providing critical resources in the community that address the social drivers of health. WYNYC brings together over 100 organizations offering various programs – such as food, housing, employment, health insurance, and sexual health services – across all five boroughs. These services and programs make it possible for New Yorkers to live their healthiest lives and ultimately reduce health disparities and advance health equity. To date, our network has already impacted thousands of lives through community partnerships and referrals, generating millions in estimated healthcare savings.  

New York State (NYS) recently announced the availability of $500M statewide to support Social Care Network (SCN) lead entities responsible for coordinating social care delivery in various regions across the state. Public Health Solutions (PHS) and our WYNYC network were awarded the role of regional SCN for Brooklyn, Manhattan, and Queens.

This is a grant-funded position ending March 31, 2027. 

Program Description: 

 The Information Security Analyst is responsible for supporting and maintaining the organization’s information security and compliance program in accordance with applicable federal, state, and contractual requirements, including the NYS OHIP, Common Security Framework (CSF), and HIPAA Security practices.

This position plays a critical role in safeguarding organizational assets by monitoring information systems, evaluating security controls, and coordinating incident response activities. The Analyst will collaborate closely with internal IT resources, the managed Security Operations Center (SOC), and external partners to ensure adherence to established policies, standards, and regulatory obligations.

Key Responsibilities

• Regulatory Compliance and Risk Management
  • Support and maintain compliance with OHIP PM-17 standards, NYS security requirements, HITRUST CSF, and HIPAA regulations.
  • Participate in internal and external security audits, assessments, and certification readiness efforts.
  • Document and maintain evidence of compliance activities, corrective action plans, and remediation tracking.
  • Assist in the periodic review and revision of information security policies, standards, and procedures.
• Security Operations
  • Monitor and respond to alerts generated through the organization’s SIEM and security monitoring platforms, in coordination with the SOC.
  • Investigate, triage, and document security incidents and vulnerabilities in accordance with established escalation protocols.
  • Prepare and distribute regular security and compliance reports to IT leadership.
• Microsoft 365 and Azure Security
  • Administer and maintain controls within the Microsoft 365 Security & Compliance Center, including data loss prevention (DLP), auditing, retention, and threat protection.
  • Implement and review Azure Cloud security configurations, including conditional access, identity protection, and secure baselines.
  • Monitor privileged access and ensure adherence to least-privilege and separation-of-duties principles.
• Coordination and Communication
  • Serve as a liaison with the SOC and external vendors for incident response, threat intelligence, and log management activities.
  • Collaborate with infrastructure, application, and compliance teams to align security practices with organizational objectives.

Qualifications and Experience: 

• Education: Associate or Bachelor’s degree in IT, Computer Science, or related field or equivalent. 
• Experience: Minimum of one(1) to three (3) years of professional experience in information security, cybersecurity operations, or IT compliance.
• Demonstrated knowledge of, NYS OHIP, and HIPAA compliance frameworks.
• Proficiency with Microsoft 365 Security & Compliance Center, Azure Security Center, and Defender for Cloud.
• Experience with SIEM platforms (e.g., Microsoft Sentinel, Splunk, LogRhythm) and associated reporting functions.
• Familiarity with security incident response, vulnerability management, and risk assessment methodologies.

Strong written and verbal communication skills, with the ability to produce audit-ready documentation and reports

Desired Skills: 

• Professional certifications such as CompTIA Security+, CISSP, CCSK, Microsoft Certified: Security Operations Analyst Associate, or HITRUST CCSFP.
• Prior experience supporting compliance efforts within a public health, nonprofit, or governmental organization.

Key Attributes for Success

• Strong eagerness to learn and develop new technical skills.
• A proactive and problem-solving mindset.
• Attention to detail and ability to document IT processes clearly.
• Ability to work both independently and collaboratively within an IT team.
• Willingness to take on new challenges in a fast-paced IT environment.

Reports To:

Information Security Manager 

Direct Reports:

This position has no direct reports

Benefits:

       •     Hybrid Work Schedule.

       •     Generous Paid Time Off and Holidays.

       •     An attractive and comprehensive benefits package including Medical, Dental and Vision.

       •     Flexible Spending Accounts and Commuter Benefits.

       •     Company Paid Life Insurance and Disability Coverage.

       •     403(b) + employer matching and discretionary company contributions.

       •     College Savings Plan.

• Ongoing training and continuous opportunities for professional growth and development.

At PHS, we place immense value on diversity within our teams, understanding that varied backgrounds and experiences significantly enhance our community and propel us toward our goals. If you find you don’t have experience in all the areas listed above, we still encourage you to apply and share your background and experiences in your application. We are eager to discover how your unique perspective can bring positive transformations to our team and help advance our mission of creating healthier, more equitable communities. 

We look forward to learning more about you! 

PHS is proud to be an equal opportunity employer and encourages applications from women, people of color, persons with disabilities, LGBTQIA+ individuals, and veterans.