Security Analyst

Metro Vein Centers
Detroit, United States of America
27 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Experience level
Intermediate
Compensation
$ 85K

Job location

Detroit, United States of America

Tech stack

Audit Trail
Google BigQuery
Health Informatics
Cloud Computing Security
Computer Security
Disaster Recovery
Domainkeys Identified Mail
Domain-Based Message Authentication Reporting and Conformance (DMARC)
Multi-Factor Authentication
Email Filtering
Identity and Access Management
Microsoft Security Essentials
OAuth
Role-Based Access Control
Phishing
Zero Trust Network Access
Security Information and Event Management
User Provisioning Software
Enterprise Software Applications
Microsoft InTune
Azure Security Center
Sender Policy Framework (SPF)
Gsuite
CIS Benchmarks

Job description

Metro Vein Centers is hiring a Security Analyst to own and mature our information security program across a 70+ clinic, cloud-first healthcare environment. This is a newly created role that reflects our commitment to proactive security, HIPAA compliance, and a zero trust approach to identity and access management.

You will be responsible for day-to-day security operations, including alert monitoring, access reviews, endpoint security, email security, MDM policy enforcement, MFA administration, phishing simulation programs, and more. The ideal candidate is both technically proficient and operationally focused, with the ability to drive security initiatives while partnering with clinical and corporate teams.

What You'll Do

  • Monitor security alerts and events across the environment; investigate, triage, and respond to incidents in a timely manner
  • Administer and maintain Google Workspace security controls, including DLP policies, Gmail security settings, Drive sharing policies, and audit log review
  • Manage endpoint detection and response operations
  • Oversee device compliance policies, conditional access rules, and endpoint security baselines
  • Administer and enforce MFA policies and password complexity standards across all user populations
  • Conduct quarterly role-based access audits across critical systems including Athena, Luma, Google Workspace, and BigQuery
  • Own and maintain least-privilege access model across enterprise applications and identity platforms
  • Manage email security controls including phishing protection, spam filtering, and DMARC/DKIM configuration
  • Design and execute phishing simulation campaigns; deliver user security awareness training
  • Support HIPAA security compliance, including contributing to risk assessments, policy updates, and audit readiness
  • Assist with identity and access management (IAM) administration, including SSO, Google Identity
  • Collaborate with the network team on ZTNA policy enforcement and Zscaler security configurations
  • Contribute to incident response plans, disaster recovery documentation, and security runbooks
  • Track and report on key security KPIs including MFA adoption, device compliance rates, open vulnerabilities, and audit findings
  • Other related security duties as assigned
  • Occasional travel for critical issues or growth
  • Being on call rotation

Requirements

Do you have experience in Security audits?, * 3-5 years of experience in an information security, security analyst, or IT security operations role

  • Hands-on experience administering Google Workspace security features (admin console, audit logs, DLP, OAuth app controls)
  • Experience with endpoint security platforms; CrowdStrike Falcon preferred, Microsoft Defender for Endpoint also considered
  • Familiarity with Microsoft security products including Intune, Microsoft Defender, and Entra ID
  • Solid understanding of identity and access management concepts: SSO, MFA, RBAC, least privilege
  • Experience conducting access reviews, user provisioning audits, and policy enforcement
  • Working knowledge of email security protocols (SPF, DKIM, DMARC) and email threat landscape
  • Strong analytical skills with the ability to investigate alerts and identify indicators of compromise
  • Excellent written and verbal communication skills; ability to explain security concepts to non-technical users
  • Familiarity with HIPAA Security Rule requirements and healthcare data protection obligations

Preferred Skills

  • CrowdStrike certification (CCFA, CCFH, or equivalent) preferred
  • Microsoft security certifications (SC-200, MS-500, or equivalent) a strong plus
  • Experience with Zscaler ZIA security policy management or cloud-native security platforms
  • Familiarity with SIEM platforms and log management tools
  • Experience running security awareness programs and phishing simulations (KnowBe4, Proofpoint, or similar)
  • Prior experience in healthcare IT security or compliance roles
  • Knowledge of NIST CSF or CIS Controls frameworks

Benefits & conditions

Pulled from the full job description

  • Health insurance
  • 401(k) matching
  • Paid time off
  • Vision insurance
  • Dental insurance
  • Life insurance
  • Employee assistance program, Full-time team members at Metro Vein Centers are eligible for:
  • Medical, Dental, and Vision Insurance
  • 401(k) with Company Match
  • Generous Paid Time Off (PTO) + Paid Company Holidays
  • Company-Paid Life Insurance
  • Short-Term & Long-Term Disability Insurance
  • Employee Assistance Program (EAP)
  • Career Growth & Development Opportunities
  • A collaborative, mission-driven culture focused on delivering exceptional patient care

About the company

Metro Vein Centers is a rapidly growing healthcare practice specializing in state-of-the-art vein treatments. Our board-certified physicians and expert staff are on a mission to improve people's quality of life by relieving the painful, yet highly treatable symptoms of vein disease-such as varicose veins and heavy, aching legs. With over 70 clinics across 8 states, and still growing, we're building the future of vein care-delivering compassionate, results-driven care in a modern, patient-first environment. We proudly maintain a Net Promoter Score (NPS) of 93, the highest patient satisfaction in the industry., The Metro Vein Centers Difference Healthy legs. Happier lives. At Metro Vein Centers, we believe exceptional care begins with an exceptional experience. Our mission is to make vein care approachable, empowering, and connected to overall well-being. From the first conversation to the final follow-up, every patient interaction reflects our commitment to compassion, expertise, and trust. A team united by purpose. Our values guide everything we do: * Patients First, Always - Every interaction should make our patients feel valued, heard, and cared for. * Stronger Together - Teamwork and collaboration drive our success. We lift each other up to deliver the best for our patients. * A Can-Do Spirit - We meet every challenge with positivity, flexibility, and problem-solving energy. * Results That Make a Difference - We're driven to improve lives through meaningful, measurable outcomes. * Commitment to Growth - We invest in our people, fostering advancement and professional development at every level. Metro Vein Centers is an Equal Opportunity Employer. We're committed to creating a workplace where everyone feels seen, heard, and supported. We do not discriminate based on race, color, religion, sex, national origin, age, disability, genetics, gender identity or expression, sexual orientation, veteran status, or any other protected status in accordance with applicable federal, state, and local laws. This policy applies to all aspects of employment, including recruitment, hiring, promotion, compensation, benefits, and termination. Legal & Compliance Notice: Metro Vein Centers complies with all applicable federal, state, and local employment laws, including those related to nondiscrimination, equal opportunity, and pay transparency. Where specific disclosures or postings are required by law, we provide this information as part of our hiring process or upon request.

Apply for this position