Jump to navigation

Thank You For Signing Up!

We will be launching updates to VentureFizz soon which will include a new profile page and a custom homepage. We will keep you posted on these updates - stay tuned! Continue
VentureFizz Logo
  • Jobs
  • Companies
  • Insights
  • Videos
  • Sign Up
  • Login

Cloud Security Analyst

Based on the evolving situation with Covid19 we are mostly remote, this includes the hiring process. We are in the process of moving to a hybrid of onsite and remote with some positions remaining 100% remote.

 

Why This Role Is Important To Arcadia

 

The Arcadia.io Security Analyst for will work as a member for the Information Security team focused on ensuring the security of Arcadias cloud-based Population Health Analytics portfolio through technical security control implementation. This role will be based in Boston, MA (remote is also available) and will partner with teams throughout the company to ensure that technical security requirements are consistently implemented.

 

What Success Looks Like

In 3 months

Performing the following with the supervision of the Security Manager:

- All tasks related to vulnerability and configuration management (review scans, as well as assess and document results)

- Conducting vulnerability risk assessments for risk adjustment requests

- Completing time-bound security tasks (aligned with HITRUST) and produces reports

 

In 6 months

- Participating in Security Incident Investigations

- Owning tasks associated with the Security Analyst Role

 

In 12 months

- Completing customer and vendor security assessments

- Reviewing security documentation on an annual basis for currency

What You'll Be Doing

  • Supporting the Operations, Engineering, Production Support, and Technical Implementation teams by providing the necessary security expertise required to ensure that applications and infrastructure are implemented in accordance with company objectives for risk acceptance
  • Ensuring that the organizations infrastructure and applications meet Arcadias technical security objectives (as outlined in Policies and Procedures) and are designed, implemented and executed effectively, efficiently and economically
  • Performing, reviewing, evaluating, assessing, documenting and communicating the results of regular vulnerability and configuration scans
  • Interface with external partners including Managed Detection and Response vendor as first contact for identified alerts and issues
  • Reviewing (at pre-defined intervals) access rights, ports/protocols/services, audit monitoring, interconnections, firewall and router configurations, asset inventory, position risk designations, and blacklisting/whitelisting
  • Recommending, documenting and monitoring the implementation of any prescribed corrective actions resulting from assigned security assessments and reviews
  • Designing and implementing annual testing and training on Security Incident Response and Business Continuity/Disaster Recovery
  • Providing technical and forensic support during investigations into any suspected security incidents in accordance with company security incident handling, reporting and management procedures
  • Completing security assessments and annual audits for customers/prospective customers as well as providing artifacts (snapshots, etc.) to support such requests
  • Completing security assessments and annual audits for 3rd party vendors/partners including gathering artifacts (snapshots, etc.) and performing risk analyses and making go-forward recommendations
  • Supporting annual compliance audits (HITRUST, ISO and SOC 2)
  • Producing as required, any security metrics reports for the Information Security Officer (ISO), VP Information Security & Compliance and any other stakeholders or security steering committees prescribed
  • Responding to requests for consultation or other inquiries from staff and provide security advice as required
  • Supporting any requests for information by any external authoritative agencies as required (E.g., assessors, auditors, investigators, etc.)
  • Providing any requested input for the ongoing maturation and development of the information security, risk, compliance and governance strategies necessary to support the business planning process
  • Maintain currency and expertise with emerging trends in security, risk, compliance and governance standards and technologies (both internal and external)
  • Work with our offensive security team to document and report vulnerabilities discovered from our internal penetration testing program to product stakeholders. 
  • Track and drive remediation efforts for discovered vulnerabilities in web applications and network ensuring they are patched according to the timeframes specified.
  • Work with engineering teams to configure and perform automated scans that integrate security into our development process. Review, evaluate, document, and communicate the results to stakeholders. 
  • Work with security and engineering to ensure relevant tasks in the SDLC Security Plan are completed and required artifacts are completed and maintained.

What Youll Bring

  • College Degree (from an IT Security /computer related field) or equivalent experience with at least 3 years of professional experience including security in the cloud
  • Good working knowledge of security, governance, risk, compliance and privacy concepts and practices
  • Demonstrated experience in network security monitoring/analysis, event escalation, cyber threat analysis, and vulnerability analysis
  • Specific experience in monitoring, evaluating, and interpreting vulnerabilities, CVEs, remedies, mitigation measures, techniques for escalation, social engineering tactics, phishing techniques, and performing vulnerability assessments
  • Familiarity with:
  • Windows, MacOS, and Linux
  • Basic knowledge of networking fundamentals (OSI model, etc.)
  • Fundamentals of information security including concepts related to confidentiality, integrity and availability as well as technical competency with computer BIOS, disk encryption, antivirus, vulnerability scanning, configuration scanning, and open source firewalls
  • Ability to write formal assessment reports and to present to varying stakeholders.

Would Love for You to Have

  • Professional Certification(s) in information security, governance, risk and/or compliance (e.g., CISSP, CEH, GSEC, CISM, CISA, CCSP, CompTIA Security+, etc.)
  • AWS Cloud Practitioner Certification
  • Working knowledge of firewalls and common AWS management, monitoring and configuration services
  • Professional Certification(s) in information security, governance, risk and/or compliance (e.g., CISSP, CEH, GSEC, CISM, CISA, CCSP, CompTIA Security+, OSCP, etc.)
  • Experience performing application security assessments or penetration tests.

What You'll Get

  • You will work with a team of experts in building and maintaining a highly validated security and privacy program for the leader in Population Health and Healthcare data analytics including experience with certifications such as HITRUST, ISO 27001, and SOC 2.
  • Be a part of a team and organization the had built security and privacy into the fabric and culture of the organization.
  • You will learn how to secure highly-regulated sensitive data in a cloud environment and how to build and maintain a fully validated and industry leading security program.
  • Your responsibilities will grow with you as a critical member of our team.
  • Competitive compensation/benefits package.
  • Become an expert in all elements of securing clinical and claims healthcare data in the cloud

 

About Arcadia

Arcadia.io helps innovative healthcare systems and health plans around the country transform healthcare to reduce cost while improving patient health.   We do this by aggregating massive amounts of clinical and claims data, applying algorithms to identify opportunities to provide better patient care, and making those opportunities actionable by physicians at the point of care in near-real time.  We are passionate about helping our customers drive meaningful outcomes. We are growing fast and have emerged as the market leader in the highly competitive population health management software and value-based care services markets, and we have been recognized by industry analysts KLAS, IDC, Forrester and Chilmark for our leadership. For a better sense of our brand and products, please explore our website, our online resources, and our interactive Data Gallery.

 

This position is responsible for following all Security policies and procedures in order to protect all PHI under Arcadia's custodianship as well as Arcadia Intellectual Properties.  For any security-specific roles, the responsibilities would be further defined by the hiring manager.

More Jobs at Arcadia

Clear Filters
Data Quality Analyst
Remote
Analytics and Data Science
Details
Customer Service Representative
Remote
Customer Success
Details
Senior Motion Graphics Designer
Boston
Marketing
Details
Internal Claims and Refund Auditor
Remote
Customer Success
Details
Internal Client Services Auditor
Remote
Customer Success
Details
Application Enablement Analyst
Remote
Analytics and Data Science
Details
Customer Success Analyst
Boston
Customer Success
Details
Eligibility Coordinator
Remote
Customer Success
Details
Cloud Security Analyst
Remote
IT Security and DevOps
Details
Provider Operations Specialist
Remote
Customer Success
Details
Senior Accountant
Boston
HR Finance and Operations
Details
Intake Coordinator
Remote
Customer Success
Details
Clinical Care Manager (RN)
Remote
Customer Success
Details
Provider Operations Coordinator
Remote
Customer Success
Details
Claims Analyst
Remote
Customer Success
Details
Showing 15 Jobs

Arcadia

Add to Favorites

Arcadia is dedicated to happier, healthier days for all. We transform diverse data into a unified fabric for health. Our platform delivers actionable insights for our customers to advance care and research, drive strategic growth, and achieve financial success. For more information, visit arcadia.io. 

Apply Now
Company Profile

Number of Employees

250 - 500 employees

Open Positions

15

Location(s)

Remote

Videos

Photos

Colleagues at industry trade show
Happy hour
Colleague working
Colleagues meeting
Colleagues meeting
Happy hour
Happy hour
Colleagues at industry trade show
Colleagues at industry trade show
Colleagues at industry trade show
Colleagues at industry trade show
Colleagues at industry trade show

Employee Testimonials

Arcadia Testimonial

It’s been really exciting to be encouraged to speak up and ask questions. I look
forward to coming into the office every day knowing that my contributions to my
team are valued.

Tessa Geron   –   Implementation Manager
Arcadia Testimonial

I really love the people I work with and the people on my teams. Many of them are like family to me, as we have worked together for more than 15 years.  I truly enjoy watching them grow and become successful here.

Bob Dupuis   –   VP, Enterprise Architecture and Security
Arcadia Testimonial

We have a product that is the best in the business, we can come in and implement it, and we know how to make our customers successful using it.  This makes us a trusted partner for customers coming on board for the first time, and it has cemented our relationships with legacy accounts who have seen us double down on what we’re good at.  The maturation of our technology is incredible.

Duncan Stephens   –   Client Success Manager
Arcadia Testimonial

We tend to find the right fit for people to do the work that is most valuable to both themselves and Arcadia. Even if you are entry-level, we really look to place you in roles that best use your strengths. I don’t think most people expect that portability and flexibility as a new person coming into a company.

Kelsey Wade   –   Senior Technical Lead
VentureFizz Logo VentureFizz helps you discover the best jobs and companies in the tech industry. © 2022
  • facebook
  • twitter
  • linkedin
  • youtube
  • instagram
  • Jobs
    • Startup Jobs in Boston
    • Startup Jobs in NYC
    • Remote Startup Jobs
    • Software Engineering and QA
      Sales and Business Development
      Marketing
      Product Management
      HR Finance and Operations
      Customer Success
      UX and Design
      Analytics and Data Science
      Hardware Engineering
      IT Security and DevOps
      Other
  • Companies
    • AdTech
      AI & Machine Learning
      Big Data & Analytics
      Cloud & Developer Tools
      Communications
      Consumer
      Crypto, FinTech & Payments
      Development & Interactive Agencies
      eCommerce & Marketplaces
      EdTech
      Energy & CleanTech
      Enterprise Software / SaaS
      Gaming
      Hardware & Robotics
      Healthcare & Pharma
      Marketing & Sales Tech
      Other
      Security
      Venture Capital
  • Insights
    • Hottest Jobs in Tech
    • The VentureFizz Podcast
    • Office Tours
    • Lead(H)er
    • Black in Tech
    • Career Path
    • CxO Briefing
    • Inside:
    • Engineering Spotlight
    • Talent on the Move
    • Career Advice & Inspiration
    • Culture, Guides, & More
  • Videos
    • Startup Company Video Interviews
    • Inside: Engineering, Sales, & More
    • Career Advice
    • Hiring Advice
  • About
    • Hiring? Click here for subscription details
    • Member Login
    • Contact
    • Terms of Service
    • Privacy Policy
Copyright © 2015-2023 VentureFizz. All rights reserved.
✕
Get VentureFizz Delivered to your Inbox!

Sign up for personalized job alerts, daily insights, & weekly career advice.

Sign Up

Sign up for our emails!

Keep informed about job opportunities, companies, and more.

PGZvcm0gYWN0aW9uPSIvcmVnaXN0ZXIiIG1ldGhvZD0icG9zdCIgaWQ9InZmaXp6LWVuZXdzLXNpZ251cC1mb3JtIiBhY2NlcHQtY2hhcnNldD0iVVRGLTgiPjxkaXY+PGRpdiBjbGFzcz0iZm9ybS1pdGVtIGZvcm0tdHlwZS10ZXh0ZmllbGQgZm9ybS1pdGVtLWVtYWlsLWFkZHJlc3MiPgogIDxsYWJlbCBmb3I9ImVkaXQtZW1haWwtYWRkcmVzcyI+RW1haWwgQWRkcmVzcyA8c3BhbiBjbGFzcz0iZm9ybS1yZXF1aXJlZCIgdGl0bGU9IlRoaXMgZmllbGQgaXMgcmVxdWlyZWQuIj4qPC9zcGFuPjwvbGFiZWw+CiA8aW5wdXQgdHlwZT0idGV4dCIgaWQ9ImVkaXQtZW1haWwtYWRkcmVzcyIgbmFtZT0iZW1haWxfYWRkcmVzcyIgdmFsdWU9IiIgc2l6ZT0iNjAiIG1heGxlbmd0aD0iMTI4IiBjbGFzcz0iZm9ybS10ZXh0IHJlcXVpcmVkIiAvPgo8L2Rpdj4KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0icmV0dXJudXJsIiB2YWx1ZT0ibm9kZS82NTgwNTEiIC8+CjxkaXYgY2xhc3M9ImZvcm0taXRlbSBmb3JtLXR5cGUtY2hlY2tib3ggZm9ybS1pdGVtLWpvaW4tZGFpbHktam9iLWFsZXJ0cyI+CiA8aW5wdXQgdHlwZT0iY2hlY2tib3giIGlkPSJlZGl0LWpvaW4tZGFpbHktam9iLWFsZXJ0cyIgbmFtZT0iam9pbl9kYWlseV9qb2JfYWxlcnRzIiB2YWx1ZT0iMSIgY2hlY2tlZD0iY2hlY2tlZCIgY2xhc3M9ImZvcm0tY2hlY2tib3giIC8+ICA8bGFiZWwgY2xhc3M9Im9wdGlvbiIgZm9yPSJlZGl0LWpvaW4tZGFpbHktam9iLWFsZXJ0cyI+RGFpbHkgSm9iIEFsZXJ0cyA8L2xhYmVsPgoKPGRpdiBjbGFzcz0iZGVzY3JpcHRpb24iPkEgcGVyc29uYWxpemVkIGxpc3Qgb2Ygam9icyBiYXNlZCBvbiBsb2NhdGlvbiBhbmQgam9iIGNhdGVnb3J5LjwvZGl2Pgo8L2Rpdj4KPGRpdiBjbGFzcz0iZm9ybS1pdGVtIGZvcm0tdHlwZS1zZWxlY3QgZm9ybS1pdGVtLWpvYmNhdCI+CiAgPGxhYmVsIGZvcj0iZWRpdC1qb2JjYXQiPkpvYiBDYXRlZ29yeSA8L2xhYmVsPgogPHNlbGVjdCBpZD0iZWRpdC1qb2JjYXQiIG5hbWU9ImpvYmNhdCIgY2xhc3M9ImZvcm0tc2VsZWN0Ij48b3B0aW9uIHZhbHVlPSItMSI+UGljayBhIGpvYiBjYXRlZ29yeTwvb3B0aW9uPjxvcHRpb24gdmFsdWU9IjYzIj5Tb2Z0d2FyZSBFbmdpbmVlcmluZyBhbmQgUUE8L29wdGlvbj48b3B0aW9uIHZhbHVlPSI2MiI+U2FsZXMgYW5kIEJ1c2luZXNzIERldmVsb3BtZW50PC9vcHRpb24+PG9wdGlvbiB2YWx1ZT0iNjAiPk1hcmtldGluZzwvb3B0aW9uPjxvcHRpb24gdmFsdWU9IjE5NyI+UHJvZHVjdCBNYW5hZ2VtZW50PC9vcHRpb24+PG9wdGlvbiB2YWx1ZT0iNTgiPkhSIEZpbmFuY2UgYW5kIE9wZXJhdGlvbnM8L29wdGlvbj48b3B0aW9uIHZhbHVlPSI1NyI+Q3VzdG9tZXIgU3VjY2Vzczwvb3B0aW9uPjxvcHRpb24gdmFsdWU9IjY0Ij5VWCBhbmQgRGVzaWduPC9vcHRpb24+PG9wdGlvbiB2YWx1ZT0iMjYxIj5BbmFseXRpY3MgYW5kIERhdGEgU2NpZW5jZTwvb3B0aW9uPjxvcHRpb24gdmFsdWU9IjI2MCI+SGFyZHdhcmUgRW5naW5lZXJpbmc8L29wdGlvbj48b3B0aW9uIHZhbHVlPSI1OSI+SVQgU2VjdXJpdHkgYW5kIERldk9wczwvb3B0aW9uPjxvcHRpb24gdmFsdWU9IjYxIj5PdGhlcjwvb3B0aW9uPjwvc2VsZWN0Pgo8L2Rpdj4KPGRpdiBjbGFzcz0iZm9ybS1pdGVtIGZvcm0tdHlwZS1zZWxlY3QgZm9ybS1pdGVtLWpvYnJlZ2lvbiI+CiAgPGxhYmVsIGZvcj0iZWRpdC1qb2JyZWdpb24iPkxvY2F0aW9uIDwvbGFiZWw+CiA8c2VsZWN0IGlkPSJlZGl0LWpvYnJlZ2lvbiIgbmFtZT0iam9icmVnaW9uIiBjbGFzcz0iZm9ybS1zZWxlY3QiPjxvcHRpb24gdmFsdWU9Ii0xIj5QaWNrIGEgbG9jYXRpb248L29wdGlvbj48b3B0aW9uIHZhbHVlPSIxIj5Cb3N0b248L29wdGlvbj48b3B0aW9uIHZhbHVlPSIyIj5OWUM8L29wdGlvbj48b3B0aW9uIHZhbHVlPSIyODYiPlBoaWxhZGVscGhpYTwvb3B0aW9uPjxvcHRpb24gdmFsdWU9IjMyMSI+UmVtb3RlPC9vcHRpb24+PG9wdGlvbiB2YWx1ZT0iMzkxIj5TRiAvIEJheSBBcmVhPC9vcHRpb24+PG9wdGlvbiB2YWx1ZT0iMzkyIj5PdGhlcjwvb3B0aW9uPjwvc2VsZWN0Pgo8L2Rpdj4KPGRpdiBjbGFzcz0iZm9ybS1pdGVtIGZvcm0tdHlwZS1jaGVja2JveCBmb3JtLWl0ZW0tam9pbi1pbnNpZ2h0cyI+CiA8aW5wdXQgdHlwZT0iY2hlY2tib3giIGlkPSJlZGl0LWpvaW4taW5zaWdodHMiIG5hbWU9ImpvaW5faW5zaWdodHMiIHZhbHVlPSIxIiBjaGVja2VkPSJjaGVja2VkIiBjbGFzcz0iZm9ybS1jaGVja2JveCIgLz4gIDxsYWJlbCBjbGFzcz0ib3B0aW9uIiBmb3I9ImVkaXQtam9pbi1pbnNpZ2h0cyI+RGFpbHkgSW5zaWdodHMgPC9sYWJlbD4KCjxkaXYgY2xhc3M9ImRlc2NyaXB0aW9uIj5EYWlseSBmZWVkIG9mIFZlbnR1cmVGaXp6IGNvbnRlbnQgc2hvd2Nhc2luZyBjb21wYW5pZXMsIHRoZWlyIHBlb3BsZSwgYW5kIGN1bHR1cmUsIHBsdXMgY3VyYXRlZCBndWlkZXMuPC9kaXY+CjwvZGl2Pgo8ZGl2IGNsYXNzPSJmb3JtLWl0ZW0gZm9ybS10eXBlLWNoZWNrYm94IGZvcm0taXRlbS1qb2luLXdlZWtseSI+CiA8aW5wdXQgdHlwZT0iY2hlY2tib3giIGlkPSJlZGl0LWpvaW4td2Vla2x5IiBuYW1lPSJqb2luX3dlZWtseSIgdmFsdWU9IjEiIGNoZWNrZWQ9ImNoZWNrZWQiIGNsYXNzPSJmb3JtLWNoZWNrYm94IiAvPiAgPGxhYmVsIGNsYXNzPSJvcHRpb24iIGZvcj0iZWRpdC1qb2luLXdlZWtseSI+VmVudHVyZUZpenogV2Vla2x5IERpZ2VzdCA8L2xhYmVsPgoKPGRpdiBjbGFzcz0iZGVzY3JpcHRpb24iPkN1cmF0ZWQgY2FyZWVyIGFkdmljZSwgbmV3cywgYW5kIGNvbnRlbnQgZnJvbSBhY3Jvc3MgdGhlIHRlY2ggaW5kdXN0cnkuPC9kaXY+CjwvZGl2Pgo8aW5wdXQgdHlwZT0ic3VibWl0IiBpZD0iZWRpdC1zdWJtaXQiIG5hbWU9Im9wIiB2YWx1ZT0iU3Vic2NyaWJlIiBjbGFzcz0iZm9ybS1zdWJtaXQiIC8+PGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZm9ybV9idWlsZF9pZCIgdmFsdWU9ImZvcm0tOVZxbURJelhTdExRTWhLX1hucXpTVXRYaHJyaFUxclNwOGZINllnWkpDMCIgLz4KPGlucHV0IHR5cGU9ImhpZGRlbiIgbmFtZT0iZm9ybV9pZCIgdmFsdWU9InZmaXp6X2VuZXdzX3NpZ251cF9mb3JtIiAvPgo8L2Rpdj48L2Zvcm0+
By signing up, you agree to our Terms of Service & Privacy Policy An account on VentureFizz will also be created so you can manage your email subscriptions and personalize your experience on VentureFizz.