Security Analyst Job at Astera Cancer Care in Nashville

OneOncology is positioning community oncologists to drive the future of cancer care through a patient-centric, physician-driven, and technology-powered model to help improve the lives of everyone living with cancer. Our team is bringing together leaders to the marketplace to help drive OneOncology’s mission and vision.

Why join us? This is an exciting time to join OneOncology. Our values-driven culture reflects our startup enthusiasm supported by industry leaders in oncology, technology, and finance. We are looking for talented and highly motivated individuals who demonstrate a natural desire to improve and build new processes that support the meaningful work of community oncologists and the patients they serve.

Job Description:

The Security Analyst will report to OneOncology’s Director, Infrastructure & Security. This position plays a critical role in enhancing the security posture of our oncology physician practices while ensuring strict compliance with HITRUST standards for our corporate office. Responsibilities include implementing and maintaining security measures, analyzing vulnerabilities, and responding to security incidents to safeguard healthcare data and maintain system integrity.

Responsibilities

1. Collaborate with cross-functional teams to identify and address security risks across partnered practices.
2. Develop and implement security policies, procedures, and guidelines tailored to healthcare needs.
3. Conduct security assessments, audits, and penetration testing to identify weaknesses and recommend improvements.
4. Stay updated with security trends, threats, and technologies to proactively improve security.
5. Ensure compliance with HITRUST, HIPAA, and other healthcare security standards.
6. Assist in preparing documentation and reports for compliance audits.
7. Develop and maintain incident response plans for security breaches.
8. Investigate incidents, perform root cause analysis, and recommend corrective actions.
9. Collaborate with IT to implement security patches and updates.
10. Monitor security alerts, logs, and reports to respond to threats.
11. Analyze security data to identify risks and mitigate them proactively.
12. Evaluate third-party vendor security practices for compliance.
13. Manage security tools such as firewalls and intrusion detection systems.
14. Gather threat intelligence to anticipate security threats.
15. Review and update security architecture regularly.
16. Implement Data Loss Prevention solutions to prevent data breaches.
17. Develop security metrics and report findings to management.
18. Integrate security measures into business continuity and disaster recovery plans.
19. Manage Identity and Access Management processes.
20. Lead security awareness programs for employees.
21. Ensure security of cloud-based systems and data.
22. Stay informed about regulatory changes and update security policies accordingly.
23. Other duties as assigned to support our mission of improving lives affected by cancer.

Qualifications include a Bachelor's degree in Information Security, Computer Science, or related field; relevant certifications preferred; proven experience in healthcare security; strong knowledge of security standards like HITRUST and HIPAA; and excellent communication and analytical skills.

About OneOncology

OneOncology is the national platform for independent community oncology practices working together to improve the lives of those living with cancer through a physician-led, data-driven, and patient-centric model. We support practices with capital, innovative technology, and expertise, enabling growth, multidisciplinary care, and attracting top talent. Our network includes nearly 600 providers across more than 175 sites nationwide.