Information Security Analyst/Administrator (Hybrid - Mason, OH; local candidates preferred)

Information Security Analyst/Administrator (Hybrid Mason, OH; local candidates preferred)
We are looking to hire a candidate with the skills sets mentioned and experience for one of our clients.

Job Overview

We are seeking an experienced Information Security Analyst/Administrator to support Vision Care s information security and compliance initiatives. This hybrid role focuses on overseeing, coordinating, and facilitating the organization s vulnerability management program, rather than direct hands-on remediation. The analyst will work closely with internal stakeholders to drive timely remediation efforts, provide risk visibility through tracking and reporting, and ensure alignment with regulatory obligations such as HIPAA, HITRUST, SSAE-18, and PCI.

Key Responsibilities

• Monitor and analyze vulnerability assessment data to identify and communicate technical risks.
• Support classification and impact assessment of newly identified vulnerabilities.
• Assist in vulnerability assessments, penetration testing, and social engineering activities.
• Provide insights on emerging cyber threats, including tactics, techniques, and procedures.
• Track and coordinate vulnerability remediation efforts across multiple teams.
• Ensure timely closure of security gaps by working with application, infrastructure, and operations teams.
• Support the vision and strategic objectives of the organization s vulnerability management program.
• Provide regular updates and risk summaries to leadership on remediation status.
• Assist leadership in identifying capability gaps within vulnerability management services.
• Respond to client and third-party security inquiries, questionnaires, and audit requests related to vulnerability management.
• Manage and use security tools such as DLP, code scanners, external security profiles, internal/external scanning tools, and scoring platforms to assess security gaps.
• Participate in the IT SDLC process to ensure security is incorporated by design.
• Develop strong working relationships with business, technology teams, and clients to drive remediation, security compliance, and client satisfaction.
• Collaborate across teams to improve the organization s security posture and integrate security into operational workflows.
• Assist with regulatory and compliance requirements, contributing to security audits, attestations, and certifications.
• Analyze and report on aggregated vulnerability data from various scanning tools.
• Engage in continuous self-development to enhance knowledge, skills, and abilities supporting the Information Security function.

Basic Qualifications

• Bachelor s degree in Computer Science, IT, or related field.
• Minimum 3+ years of experience in IT risk, information security, or compliance.
• Familiarity with major standards: SOC 1-2, ISO 27001/2, PCI DSS, HITRUST, SANS, NIST.
• Experience implementing compliance frameworks, ideally in financial services or similarly regulated environments.
• Broad understanding of IT hardware and software products.
• Strong project management and time management skills.
• Experience managing enterprise security and intrusion detection systems in regulated environments.
• Ability to collaborate effectively across business and technology teams.
• Skilled in producing clear, actionable reports for both technical and non-technical stakeholders.
• Relevant certifications such as CISSP, CISM, GIAC, PCI DSS, CHPSE, or similar.
• Experience or familiarity with healthcare, health insurance, managed care, or other regulated industries.
• Knowledge of CMS and HIPAA-related vendor standards and requirements.
• Working knowledge of Security SDLC tools.
• Familiarity with tools such as:

• • Security Scorecard, BitSight, SSL Labs
  • Nessus Pro, Qualys
  • Splunk, JIRA
  • HCL AppScan or similar code scanning and vulnerability tools

Other Details :

• Employment Type: W2
• Location: Hybrid Mason, OH (local candidates preferred)
• Contract Rate: $35/hr on W2
• Duration: 6 months, highly potential to be extended.
• Interview Process: Phone and video interviews