Information Security Analyst

Overview

Hybrid
Depends on Experience
Contract - W2
Contract - Independent
Contract - 12 Month(s)

Skills

PCI DSS
HIPAA
Accountability
Auditing
CISM
CISSP
Collaboration
Communication
Computer Science
DLP
Health Care
IBM Security AppScan
ISO 9000
ISO/IEC 27001:2005
IT Risk
Information Security
Information Technology
Intrusion Detection
Management
Payment Card Industry
Penetration Testing
Regulatory Compliance
Reporting
SSL
Social Engineering
Software Development Methodology
System On A Chip
Vulnerability Management

Job Details

Information Security Analyst/Administrator

Location: Mason, OH (Hybrid 3 days/week onsite)
Schedule: Monday to Friday, 8 AM to 5 PM
Job Summary:

We are seeking a skilled Information Security Analyst/Administrator to support the execution of a robust vulnerability management program. The role will involve identifying technical risks, managing remediation efforts, and working cross-functionally to enhance the security posture of the organization. Candidates must be local to Mason, OH and available to work onsite 3 days a week.

Key Responsibilities:

  • Monitor, analyze, and report on vulnerability data and security gaps
  • Support vulnerability assessments, penetration testing, and social engineering activities
  • Track and coordinate remediation efforts across application, infrastructure, and operations teams
  • Communicate emerging threats and risk summaries to leadership
  • Manage security tools (e.g., DLP, code scanners, scoring platforms)
  • Support IS in aligning with compliance frameworks (SOC, ISO, PCI, HITRUST, NIST)
  • Collaborate with project teams to embed security into the SDLC
  • Assist with audit responses, security questionnaires, and regulatory requirements
  • Build strong cross-functional relationships to drive accountability and security awareness

Required Qualifications:

  • Bachelor's degree in Computer Science, Information Technology, or related field
  • 3+ years of experience in Information Security, IT Risk, or Compliance
  • Hands-on experience with frameworks and standards such as SOC 1/2, ISO 27001/2, PCI DSS, NIST
  • Strong knowledge of enterprise IT systems and security controls
  • Excellent verbal and written communication skills
  • Proven ability to create reports for technical and executive audiences
  • Familiarity with intrusion detection and compliance tools in a regulated environment

Preferred Qualifications:

  • Industry certifications such as CISSP, CISM, GIAC, PCI DSS, CHPSE
  • Knowledge of HIPAA, CMS, or other healthcare-related security requirements
  • Experience with security tools like:
    • Security Scorecard, BitSight, SSL Labs
    • Nessus Pro, Qualys
    • Splunk, JIRA
    • HCL AppScan or other scanning tools
  • Understanding of Security in the SDLC