Information Security Analyst

Overview

Remote
On Site
Hybrid
Full Time

Skills

SAP BASIS
Information Security
Security Operations
Security Awareness
Training
Reporting
Documentation
IT Security
Security Controls
Risk Assessment
Testing
Incident Management
Cyber Security
Penetration Testing
Management
Information Systems
Computer Science
Network Security
ISO 9000
COBIT
Identity Management
Active Directory
Firewall
IDPS
Encryption
SSO
Multi-factor Authentication
Patch Management
Software Engineering
PCI DSS
Regulatory Compliance
Auditing
Analytical Skill
Conflict Resolution
Problem Solving
Communication
Payment Card Industry
QSA
CISSP
ISACA
ITIL
Sarbanes-Oxley
Accountability
Partnership
Business Strategy
FOCUS
Expect
Coaching
Collaboration
GLP
LinkedIn

Job Details

About the Opportunity

At Medifast, our team members are relentless in our mission of driving Lifelong Transformation, Making a Healthy Lifestyle Second Nature. When you join Medifast, you become part of a dynamic, fast-growing community of highly motivated, like-hearted people who share a passion for promoting health and wellness. Just as OPTAVIA Coaches inspire Clients to reach their personal wellness goals, at Medifast, we inspire each other to bring our best to work each day to further our shared mission. If you want to build a rewarding career that makes lives better on a daily basis, Medifast may be the perfect place for you.

Overview of Position

The Information Security Analyst plays a critical role in safeguarding the organization's systems, applications, and data. This position supports the execution of enterprise-wide security programs, including cybersecurity awareness and training, incident response planning, PCI compliance, and overall security operations. The analyst ensures alignment with industry best practices and regulatory requirements while mitigating security risks across the organization.

Opportunity Highlights
  • Contribute directly to protecting critical systems and data.
  • Gain hands-on experience across awareness, compliance, projects, and incident response.
  • Expand expertise with industry-leading frameworks and security tools.
  • Collaborate with IT and business teams on impactful security initiatives.
  • Grow your career with opportunities for certification and advancement.

II. Job Responsibilities

Cybersecurity Awareness & Training
  • Develop, maintain, and deliver security awareness programs to strengthen organizational resilience against cyber threats.
  • Assist with the creation of training materials and best practices to promote secure behaviors across the enterprise.
  • Support security communication initiatives to improve staff engagement and accountability.

PCI Compliance
  • Assist with ongoing PCI DSS compliance efforts, including assessments, reporting, and maintaining adherence to industry standards.
  • Contribute to the preparation and completion of compliance documentation such as Self-Assessment Questionnaires (SAQ) and Attestations of Compliance (AOC).
  • Support the development of processes and procedures that ensure consistent compliance with security regulations.

Security Projects & Operations
  • Support the execution of security-related projects to enhance infrastructure, applications, and enterprise systems.
  • Assist with the design, implementation, and maintenance of IT security systems and monitoring technologies.
  • Participate in system/application reviews and provide guidance on secure architecture and engineering practices.
  • Evaluate emerging cybersecurity trends, threats, and tools, recommending effective security controls.
  • Perform third-party vendor security risk assessments.

Incident Response
  • Assist in the design, implementation, and testing of the organization's incident response framework.
  • Respond to cybersecurity events, coordinating with IT and other stakeholders to mitigate threats.
  • Conduct vulnerability scans, penetration testing, and technical assessments, providing clear recommendations for remediation.
  • Work with software engineering and infrastructure teams to remediate security findings and strengthen defenses.

III. Scope

    This role contributes to the development, implementation, and management of security programs, standards, and technologies across the organization. The position does not include direct reports but supports a wide range of departments, systems, and enterprise initiatives.

    IV. Knowledge, Education, Skills & Abilities
    • Bachelor's degree in Information Systems, Computer Science, or a related field preferred. High school diploma or GED with applicable experience required.
    • 5+ years of experience in IT with a focus on system, application, and network security.
    • Strong knowledge of security frameworks (ISO 2700x, COBIT, NIST).
    • Proficiency with Identity Governance/Access Management (IGA/IAM).
    • Technical expertise in areas such as Active Directory, firewalls, IDPS, APIs, encryption, SSO, MFA, and patch management.
    • Familiarity with software engineering security best practices.
    • Hands-on experience with PCI DSS compliance and audits.
    • Strong analytical, problem-solving, and communication skills.
    • PCI ISA or QSA certification.
    • CISSP, CRISC, or ITIL certifications.
    • Familiarity with SOX IT requirements.

    At Medifast, Relationships Are At The Center Of What We Do!

    We thrive by elevating our connections with one another as well as with our Coaches & Clients. We believe that everyone has the potential to be OUTSTANDING. The Medifast culture is built on seven core values: integrity, courage, teaming, accountability, empowerment, partnership and diversity. These values aren't just words on a page - they are celebrated as a core part of the company's philosophy.

    We Lead By...

    Mastering Relationships: We build trust, promote collaboration and we are reliable.

    Being Innovative: We strive to improve things in our areas of influence; test, refine and expand within the business strategy; and reach beyond real and perceived boundaries.

    Simplifying: We are committed to making things measurable, repeatable and scalable; focusing on outcomes not activities; and eliminating complexity to increase focus.

    Anticipating: We predict long-term business and organizational needs; challenge assumptions; and expect and prepare for the unexpected.

    About Medifast
    Medifast (NYSE: MED) is the 40+ year old health and wellness company known for its habit-based and coach-guided lifestyle solution OPTAVIA, which provides people with a simple, yet comprehensive approach to address obesity and support a healthy life. OPTAVIA provides unparalleled coaching support along with community, tailored nutrition and healthy habits, and empowers people to master their weight loss journey through each stage of life. Through the company's collaboration with national virtual primary care provider LifeMD (Nasdaq: LFMD) and its affiliated medical group, customers now have access to GLP-1 medications where clinically appropriate. Medifast remains committed to its mission of offering Lifelong Transformation, Making a Healthy Lifestyle Second Nature. Visit MedifastInc.com and OPTAVIA.com for more information and follow @Medifast on X and LinkedIn.

    Vital Images is an Equal Opportunity Employer, M/F/Vets/Disability.
    Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.
