Security Analyst

Kessler Foundation is seeking a skilled, motivated Security Analyst to help protect enterprise systems and Azure-based cloud services supporting scientific research, clinical programs, and organizational operations. This role focuses on modernizing, monitoring, detecting, and responding to security threats while strengthening security controls across on-premises and cloud environments.

Responsibilities will include (but will not be limited to) the following:

• Secure enterprise, research, and cloud environments that enable scientific discovery and clinical innovation.
• Monitor and respond to security events across networks, servers, endpoints, and Microsoft Azure.
• Support and administer NextGeneration Firewalls, intrusion detection, and prevention systems, and Network Access Control (NAC) devices.
• Implement and maintain Azure security controls, including identity, access management, logging, and monitoring.
• Manage encryption technologies for data at rest and in transit.
• Support Public Key Infrastructure (PKI), digital certificates, and key management.
• Conduct vulnerability scans and risk assessments across on-premises and cloud systems.
• Investigate and respond to security incidents, including containment, remediation, and documentation.
• Review and secure system and application designs, including cloud-hosted research platforms.
• Support compliance efforts related to HIPAA and HITECH.
• Work with IT team, researchers, and external partners to remediate security findings.
• Help educate staff through cybersecurity awareness initiatives.
• Stay current with emerging threats, cloud security trends, and best practices.
• Administer and optimize security tools, including firewalls, IDS/IPS, endpoint protection, vulnerability management, SIEM platforms, MFA, and Azure security services
• Analyze logs and alerts from on-premises and cloud environments to detect suspicious activity
• Lead incident response activities and post-incident reviews
• Perform internal security risk assessments, penetration testing, and compliance audits
• Schedule and oversee external security risks assessments and audits
• Participate in on-call security-related maintenance activities
• Provide advanced support for Windows and Linux security-related issues

Requirements:

• Bachelor s degree in Information Security, Computer Science, Information Systems, or related field, or equivalent experience.
• Minimum of 3 years of experience in information security or security operations.
• Experience securing Microsoft Azure or hybrid cloud environments.
• Strong knowledge of networking, identity and access management, encryption, and operating system security.
• Experience supporting HIPAA / HITECH compliance.
• At least one industry-recognized cybersecurity certification (e.g., Security+, SSCP, CEH).

In addition, the following qualifications are preferred:

• Experience with Azure security tooling and cloud logging/monitoring.
• Advanced certifications such as CISSP or CISM.
• Strong communication skills with the ability to explain security risks clearly.

Kessler Foundation is a public charity dedicated to improving the lives of people with physical and cognitive disabilities caused by stroke, multiple sclerosis, injuries to the brain and spinal cord, and other chronic conditions. We are committed to creating a diverse, cooperative work environment. Women, members of under-represented minority groups, and individuals with disabilities are encouraged to apply.