Brown University Health

Systems Security Analyst

Brown University Health, Providence, Rhode Island, United States

Pay Range

This range is provided by Brown University Health. Your actual pay will be based on your skills and experience. Talk with your recruiter to learn more.

Base pay range: $102,963.22/yr - $169,000.00/yr

Summary

The Systems Security Analyst is a critical member of the Chief Information Security Officer’s (CISO’s) team and reports to the Manager of Information Security Operations. This hands‑on role requires a high level of technical and analytical expertise. Responsibilities include day‑to‑day administration of information security tools, creation of security documentation, and second- and third‑level support for SIEM alerts. The role ensures the organization maintains compliance with regulatory requirements, industry standards, and internal policies while proactively managing security risks.

Responsibilities

Consistently applies the corporate values of respect, honesty, and fairness, and the pursuit of excellence in improving community health through customer‑friendly, geographically accessible services.

Monitors, configures, and remediates SIEM, alerting/detection (network & endpoint), log management, phishing detection & response, digital forensics, penetration testing, zero‑trust architecture, threat‑informed defense (MITRE ATT&CK), O365, and security automation.

Monitors and configures security controls across multi‑cloud (Azure / AWS) environments.

Assists in developing and documenting security architecture, policies, standards, and procedures.

Works with third‑party partners to ensure contractual value and performance.

Participates in cloud/on‑premises incident response processes, including tabletop breach exercises.

Ensures preparedness for external audits.

Maintains up‑to‑date technical knowledge through seminars, vendor presentations, and professional literature.

Attends and actively contributes to problem‑management and major‑incident conference calls as required.

Researches and pilots new tools, technologies, controls, and processes to support and enforce security policies.

Monitors emerging threats, vulnerabilities, and best practices to keep controls effective and aligned with the threat landscape.

Provides expertise on security best practices across IT, infrastructure, and enterprise operations.

Contributes to a technical reference library, security advisories, alerts, and information on trends and regulations.

Ensures audit trails, system logs, and monitoring data are reviewed and compliant with policies.

Evaluates baseline security configurations for operating systems, applications, networking equipment, and telecommunications equipment.

Assists staff in resolving reported security incidents.

Ensures compliance with HIPAA, HITECH, PCI‑DSS, NIST, and other regulatory standards.

Researches new threats and security alerts, recommending remedial actions.

Identifies opportunities to improve Security Operations practices and recommends updates to processes and controls.

Provides expert‑level guidance to IT staff and business on all Information Security policies, standards, processes, and procedures.

Works with infrastructure teams and business units to ensure policy compliance and adherence to best practices.

Participates in security projects, providing guidance on policy, process, and procedures.

Participates in compliance/audit activities as requested by internal and external auditors.

Maintains work effort status within SLAs on the Service Desk and Task Management platforms.

Identifies risks and performs risk register validations as required.

Participates in a recurring on‑call schedule that includes evenings and weekends.

Performs other duties as assigned.

Qualifications

Minimum of 10 years of information systems experience, with 5 years in an information security role.

Bachelor’s degree in information systems or equivalent work experience; M.B.A. or M.S. in information security is preferred.

Certifications (3 or more): CISSP, CCSP, OSCP, CISA, GIAC, CEH, Security+.

Strong understanding of authentication and authorization protocols (OAuth2, SAML, OpenID Connect).

Experience implementing phishing‑resistant MFA (e.g., FIDO2/WebAuthn, smart cards, or certificate‑based authentication).

Experience implementing security controls via infrastructure‑as‑code (Terraform, Ansible, etc.).

Familiarity with SOAR platforms or automated incident response playbooks.

Experience securing cloud environments (AWS, Azure, GCP) and knowledge of cloud‑native security services.

Experience with SIEM platforms (Splunk, Sentinel, QRadar) for monitoring, alerting, and correlation.

Hands‑on familiarity with EDR/XDR solutions (CrowdStrike, Defender for Endpoint).

Knowledge of vulnerability scanning and management tools (Nessus, Qualys, Rapid7).

Experience with CSPM and cloud workload protection tools to identify misconfigurations, vulnerabilities, and risks across multi‑cloud environments.

Experience with APIs, including RESTful or GraphQL endpoints for secure data integration.

Proficiency in scripting and automation (Python, PowerShell, Bash) for security operations.

Strong understanding of regulatory requirements, security frameworks, and risk management methodologies (HIPAA, HITECH, NIST, ISO 27001).

Expert level in security best practices.

Excellent written and verbal communication skills, with the ability to present complex concepts to diverse audiences.

Intermediate level with Wireshark and/or equivalent packet capture and analysis.

Experience with patch management, device hardening, configuration auditing, and endpoint security best practices.

Familiarity with cryptography principles and cryptanalysis.

Experience with virtualization technologies.

Experience designing secure landing zones in Microsoft Azure and Amazon AWS.

Understanding of Public Key Infrastructure.

Knowledge of and experience in developing and documenting security architecture and plans.

Strong understanding of networking technologies and packet analysis.

In‑depth knowledge of risk assessment methods and technologies.

Knowledge of network infrastructure, routers, switches, firewalls, and associated protocols.

Excellent technical knowledge of mainstream operating systems (Windows, Linux) and security technologies.

Proficiency in performing risk, business impact, control, and vulnerability assessments.

Working knowledge of IT/network and cloud architectures sufficient to map controls, evidence, and risks.

Strong written and verbal communication skills and ability to communicate security guidance to non‑technical audiences.

Independent Action

Functions independently within departmental policies and practices, achieving goals and productivity requirements. Refers unresolved complex issues to the director when clarification of policies or procedures is required.

Supervisory Responsibilities

Functions independently within departmental policies and practices and refers specific complex problems to the direct manager for clarification of policies or procedures.

Benefits

Medical insurance

Vision insurance

401(k)

Disability insurance

Tuition assistance

Student loan assistance
